Researchers at Trend Micro are reporting that as many as 10,000 Web sites have been infected with malicious code that redirects unsuspecting users to a server booby-trapped with drive-by exploits—part of a wave of attacks originating in Italy and now spreading through Europe.
Dubbed the “Italian Job” by Trend Micro, the attack was first uncovered June 15. Legitimate sites were hacked to include a malicious iFrames tag redirecting visitors to servers armed with a tool called MPack, an exploit tool that can target security holes in multiple products.
Since June 15, the number of sites affected by the attack has multiplied several times over, said David Perry, global director of education for Trend Micro, based in Cupertino, Calif.
“There are already somewhere between 5,000 and 10,000 Web sites affected by this,” Perry said. “Theres nothing that all these Web sites have in common. Im calling it a Web-idemic.”
According to Websense, based in San Diego, the regions most affected by the situation have been Italy and Spain.
In a blog posting June 15, Symantec researcher Elia Florio advised Italian users to update their anti-virus products and make sure all the recent patches are installed on their machines.
Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.