Discovery of malware cesspool triggers attack fears

By SearchSecurity.com Staff 02 Aug 2007 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

According to Trend Micro, the discovery could set the stage for a large-scale attack.

In a blog entry Thursday, researchers said most of the malware on the Russian server appears to just be copies of each other, but among them were three specific groups that are typically used to display pornographic Web sites in a victim's Web browser.

Meanwhile, Trend Micro Senior Software Engineer Feike Hacquebord reported "Italian-like" Web sites containing IFRAMES that point to the Russian Web server. These sites apparently reside in a hosting facility in Germany, with registration data pointing to an email contact hosted in Russia, researchers wrote.

"Looking at these massive samples of malware, we can't help to think that there's something brewing in Russia," researchers wrote. "We have just seen these cybercriminals pull the Italian Job recently. Are we now seeing a Russian Uprising coming our way?"

Last month, a cyberattack infected thousands of Web sites, most of them Italian.

Trend said it's monitoring the current situation, and has blocked the malicious Web sites. It is also adding patterns to ward off new malware found on the Russian server.

Tags: Malware, Viruses, Trojans and Spyware,  Web Server Threats and Countermeasures,  Web Application and Web 2.0 Threats,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Malware, Viruses, Trojans and Spyware Cybercriminals invest in social networking attacks Information security book excerpts and reviews The world's top 5 riskiest domains New Zeus spam poses as Social Security statements Increase in Gumblar backdoors poses FTP credential problems Hackers to sharpen malware, malicious software in 2010 iPhone worm Rickrolls jailbroken phones Israeli Mossad add Trojan Horse to Syrian laptop Schneier-Ranum Face-Off: Is antivirus dead? Modern malware, stealthy botnets, adapt quickly, expert says Web Server Threats and Countermeasures Information security book excerpts and reviews Increase in Gumblar backdoors poses FTP credential problems VeriSign extends DDoS attack protection service Microsoft issues IIS FTP advisory, exploit code circulates Panda reports fast-spreading rogueware antivirus fraud rakes in millions Oracle issues quarterly patches, fixes database flaws Latest DDoS attacks extremely unsophisticated, experts say Stolen FTP credentials likely in massive website attacks Microsoft warns of IIS zero-day vulnerability How to find and stop automated SQL injection attacks Web Application and Web 2.0 Threats Cybercriminals invest in social networking attacks Information security book excerpts and reviews Bit.ly boosts malware protection Hackers use Tiger Woods saga to conduct search attacks New Facebook worm propagates using sexy model Web security firm ranks Firefox, Safari browsers as flaw prone Web application vulnerability assessment shows patching progress Layoffs prompt insider threat fears, cybersecurity survey finds Botnet masters turn to Google, social networks to avoid detection Computer worm infections up, scareware antivirus down, Microsoft says

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary bot worm  (SearchSecurity.com) directory traversal  (SearchSecurity.com) government Trojan  (SearchSecurity.com) Kraken  (SearchSecurity.com) man in the browser  (SearchSecurity.com) polymorphic malware  (SearchSecurity.com) RAT (remote access Trojan)  (SearchSecurity.com) RavMonE virus  (SearchSecurity.com) RFID virus  (SearchSecurity.com) Rock Phish  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary