Risk for Corporate End Users as Web Attack targets Social Surfing

In what looks to be an attempt to steal sensitive information, multiple middlemen this weekend compromised thousands of popular Italian web sites using the known and common IFRAME vulnerability to deploy a slew of malware attacking unsuspecting web users around the world.

The sites at risk cover a wide range of internet interests from cars, motor racing, hotels, sports, music, lottery and pornography. Even web sites connected to Jon Bon Jovi and Mother Teresa weren't spared. With the increasing use of Corporate PCs and laptops for social activity, IT Administrators should be prepared for an increased number of helpdesk calls and internal outbreaks.

"In the last 48 hours over 2,000 Italian web sites have been hijacked in this way and we've seen a doubling of victims every 6-8 hours," cited Ivan Macalintal, Senior TrendLabs Threat Researcher for Trend Micro. "These web threats are silent, invisible to the unprotected consumer and therefore more dangerous than common viruses. The attackers are using multiple malwares to try to remain undetected and deliver the final punch, a keylogger that intends to solicit personal information such as banking information or passwords."

"This latest attack highlights how the malware market has shifted and how pervasive web threats have become," commented Anthony O'Mara, vice president EMEA, Trend Micro. "The author(s) of this latest attack probably had months to plan and execute their criminal act. The regionally targeted nature of the attack and the speed of web site infection points to a criminal gang with profit in mind. Businesses need to ensure their end users demonstrate extra caution when surfing the Web, and if not already using a reputation based technology, one should be deployed. URL filtering cannot stop these attacks."

Full details and regular updates are at http://blog.trendmicro.com/another-malware-pulls-an-italian-job/