Italian Websites Hi-Jacked, beware of Trojan



Believe it when I see it Admin.
Staff member
My Satellite Setup
Technomate 5402 HD M2 Ci, DM7000s, Transparent 80cm Dish, Moteck SG2100 DiseqC motor, lots of legacy gear. Meters: Satlook Digital NIT, Promax HD Ranger+ spectrum analyser.
My Location
If you have visited any Italian based website over the last few days, make sure that your antivirus is up to date and using active scan, as thousands of Italian websites using a major server host have been hacked and redirect to trojan download sites.

Here is the Trend Micro article on this new malware, dubbed "The Italian Job"

Trend Micro Blog said:
Remember LINKOPTIM, which exploited a number of legitimate Italian Web sites to spread malicious Javascripts? Since early Saturday morning (June 16, 2007), Trend Micro has been receiving several reports of a new batch of hacked Italian Web sites that trigger a series of malware downloads once a user visits them. These infection series begin with a malicious IFRAME tag. Trend Micro detects Web pages hosting the said malicious tag as HTML_IFRAME.CU. All the compromised sites are hosted in Italy and, to date, Trend Micro identifies 1,174 affected Web sites.

- - - - - - - - - - - - - - -​

Most of the legitimate Web sites that were compromised by the malware authors are related to tourism, automotive industry, movies and music, tax and employment services, some Italian city councils, and hotels sites. Apparently, most of these sites are hosted on one of the largest Web hoster/provider in Italy.