Discovery of malware cesspool triggers attack fears

Trend Micro researchers say a malware-infested Web server in Russia, linked to several Italian Web sites, could lead to a large-scale attack.

Security researchers at Tokyo-based antivirus vendor Trend Micro reported finding a Russian Web server hosting about 400 malicious programs, as well as several Italian Web sites linked to the server.

According to Trend Micro, the discovery could set the stage for a large-scale attack.

In a blog entry Thursday, researchers said most of the malware on the Russian server appears to just be copies of each other, but among them were three specific groups that are typically used to display pornographic Web sites in a victim's Web browser.

Meanwhile, Trend Micro Senior Software Engineer Feike Hacquebord reported "Italian-like" Web sites containing IFRAMES that point to the Russian Web server. These sites apparently reside in a hosting facility in Germany, with registration data pointing to an email contact hosted in Russia, researchers wrote.

"Looking at these massive samples of malware, we can't help to think that there's something brewing in Russia," researchers wrote. "We have just seen these cybercriminals pull the Italian Job recently. Are we now seeing a Russian Uprising coming our way?"

Last month, a cyberattack infected thousands of Web sites, most of them Italian.

Trend said it's monitoring the current situation, and has blocked the malicious Web sites. It is also adding patterns to ward off new malware found on the Russian server.

Dig deeper on Malware, Viruses, Trojans and Spyware

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close