News

Discovery of malware cesspool triggers attack fears

SearchSecurity.com Staff
Security researchers at antivirus vendor Trend Micro reported finding a Russian Web server hosting about 400 malicious programs, as well as several Italian Web sites linked to the server.

According to Trend Micro, the discovery could set the stage for a large-scale attack.

In a blog entry Thursday, researchers said most of the malware on the Russian server appears to just be copies of each other, but among them were three specific groups that are typically used to display pornographic Web sites in a victim's Web browser.

Meanwhile, Trend Micro Senior Software Engineer Feike Hacquebord reported "Italian-like" Web sites containing IFRAMES that point to the Russian Web server. These sites apparently reside in a hosting facility in Germany, with registration data pointing to an email contact hosted in Russia, researchers wrote.

"Looking at these massive samples of malware, we can't help to think that there's something brewing in Russia," researchers wrote. "We have just seen these cybercriminals pull the Italian Job recently. Are we now seeing a Russian Uprising coming our way?"

Last month, a cyberattack infected thousands of Web sites, most of them Italian.

Trend said it's monitoring the current situation, and has blocked the malicious Web sites. It is also adding patterns to ward off new malware found on the Russian server.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy