Trend Micro Warns of Fast-Moving Web Threat Spreading from Thousands of Compromised Web Domains and URLS in Italy and Around the World

Latest web-idemic discovered this weekend relies on common website "iFrame" vulnerability to inject malicious code into otherwise legitimate websites -- Trend Micro™ OfficeScan™, Trend Micro Internet Security, and Trend Micro gateway and mail server products offer detection and protection against the malicious code

CUPERTINO, CA-June 18, 2007-Trend Micro Incorporated (TSE: 4704), a leader in network antivirus and content security software and services, today announced the accelerating infection over the weekend in Italy of seemingly legitimate web pages loaded with malicious code that could plant a keylogger to steal user passwords, or turn computers into proxy servers for various other attacks. Trend Micro data indicates that tens of thousands of users worldwide have already accessed compromised urls, oblivious to the threat as a result of their natural web surfing activity. The initial HTML malware takes advantage of a vulnerability in so-called "iFrames" that are commonly used on websites and commonly exploited. Trend Micro researchers believe it was initially probably an automated attack, created from a computer Trojan-making kit.

On the IP page where the affected browser is initially redirected, the malware toolkit statistics page displays information on how users visiting legitimate Italian Web sites are getting redirected to the host from where the download chain begins.

Currently, Trend Micro HouseCall can detect and clean infected computers, and Trend Micro™ Internet Security as well as OfficeScan™ 8.0 can be used to block or to clean the variety of Trojans and malware involved in the infection sequence. Trend Micro gateway and mail server products also provide blocking capability. Trend Micro's ability to protect against these attacks is aided by the company's innovative Total Web Threat Protection strategy.