
CURRENT SECTION :: TechZone	UK's most visited IT Contractor Site - 250k unique visitors March 2008

Members
Subscribe to our news letter service to keep current with the latest news and information. Click here to join.

Site Navigation
Home News Contractor Alliance Free Stuff Company Formation Bulletin Board First Timers Trading Structures Legal : IR35 / IR591 Legal : S660 Tax/Legal Q&A Jobs Contract Search Urgent Contracts Overseas Guides Market Stats Money Insurance Training Directory Agency Directory TechZone Contact Us

Search
Advanced Search

News for you
RSS XML feed News feed for your site News feed information

News article sponsored by...

Maximising Contractors' Returns

Safe, effective solutions for contractors

Call now on 08702 880055

Hacking spree 'will last another six months'

A cyber attack that has already claimed tens of thousands of victims was yesterday tipped to threaten Web users for the next six months.

Hackers presumably based in Eastern Europe are thought to have authored a mass roll out of HTML malware, to exploit a vulnerability in the pages of legitimate websites.

Taking advantage of so-called iFrames, the attack begun sometime over the weekend in Italy, but it has now spread to websites in Spain, Thailand and the United States.

Security researchers at Trend Micro believe the attack, hailed as the Italian Job, probably started out as an automated attack, created from a Trojan-making kit.

Yesterday, kits offering similar software, such as keyloggers, were available to download for Ł350 from Russian websites, according to disclosures obtained by a UK newspaper.

Both the initial attack and the kits have the same aim: to allow its authors to monitor the activity of the computer, netting any entered bank details, credit card numbers and passwords.

David Perry, a director at Trend Micro, told The Guardian: “This is a paradigm shift. We can expect to see this kind of thing being replicated now for the next five or six months.”

In an online advisory, the firm said the mechanism that spreads the attack is a complex chain.

It relies on website owners being unaware that they are compromised, and website users being unaware that surfing through seemingly legitimate pages can actually be part of an infection process.

Corporate IT teams were recommended to deploy HTTP-scanning methods, block unneeded protocols and use vulnerability scanning software in the corporate network.

Separately, hackers have been continuing their onslaught of legitimate websites, in light of a press report that the London Stock Exchange’s alert service was down for 48 hours.

The LSE apologised for the loss of the service, which The Daily Telegraph reported as resulting from hackers creating hundreds of thousands of false alerts, in a bid to disrupt the share price alert service used by more than 14,000 private investors.

Jun 21, 2007

Email this article
Printer friendly page
Previous Page


All content © Contractor UK Limited	[Register for News Letter] \| [Privacy Statement] \| [Terms of Use] \| [Top of Page]