Crippling malware attack strikes in Italy

Italy is suffering from a barrage of remote attacks launched from hundreds of compromised websites, security experts have warned. Researchers at Symantec reported that attackers have injected 'iframe' tags within the HTML files on compromised sites. The tags redirect users to a site that runs MPack, a utility that attempts multiple exploits and malware installations. More than 65,000 users had been redirected to the malicious page since Friday afternoon, and more than 7,000 successful exploits had been carried out.

Symantec researcher Elia Florio warned in a company blog that users should update antivirus software and all system and third-party software that can be vulnerable to attacks. Florio warned that MPack attempts to exploit multiple vulnerabilities and applications, including flaws in QuickTime and WinZip

View: The full story
News source: vnunet

Report a problem with article
Previous Story

Virtual Computing: Still a Learning Experience

Next Story

Apple iPhone delivers up to eight hours of talk time


Commenting is disabled on this article.

This's one of the reasons I've always had iframes disabled in IE's security settings – even for the Trusted and Intranet Zones.

Well, this is good to know but I wanted other details, like how exactly does it find its way out of the browser - and while at it, does this works on IE, Firefox, Opera altogether ? I saw the example on Symantec's blog and I'm curious if there are any security measures that can counter attack this at browser level, like disabling scripting..

"Italy is suffering from a barrage of remote attacks launched from hundreds of compromised websites, security experts have warned"

Shouldn't it say "have reported" and not "have warned" ?

I think this is just a way of increasing sales of internet security products in Italy by scare tactics.

i thought i seen a article on this not long ago about that iframe stuff over at a legit site like or something along these lines... i think it was fixed in new firefox update though.

all in all it sucks that more pc's are basically screwed up but atleast i aint gotta worry about that crap.

Altho I hate UAC in Vista, this is why it needs to exist. As computer prices drop and millions buy their first PC, these kinds of attacks are going to skyrocket. PCs need to be fool proof (noob proof) now more than ever.


And the worst thing about it all is, that ik think that more than 30% of that infected 7000 don't even know that they are infected.