More Than 10,000 Sites Infected 
Tuesday June 19, 2007
Security vendor Trend Micro is working with the FBI to identify the source of a malware attack that has hijacked more than 10,000 web site and is infecting vulnerable machines with a fast-acting Trojan downloader when they visit. It is thus far unknown how the attackers managed to compromise the sites themselves. The malicious web sites attempt to exploit known Windows vulnerabilities to install keystroke logging software on vulnerable machines and execute other attacks using a utility called MPack. For more about this attack, read this article in The Register. To protect your computer system, you should ensure that you pay attention to the monthly Security Bulletins and apply any applicable patches. You can also read In-Depth Security for more about layering your defenses to protect your computer better.
Comments
It would be nice if there was a list of affected hosts or sites where I could tell if I needed to reload my own site.
It would also let people know what to avoid until it was fixed…
Couldn’t agree more, Mike. Reminds me of a certain Y2K scare campaign … long on frighteners, short on specifics.
That would make sense. I would say you could check with a vendor- namely Trend Micro since the article specified them as working with the FBI- but I doubt anyone has listed all 10,000 sites somewhere. The only reference I have seen is that you should avoid Bon Jovi and Mother Theresa.