Billps Tudios

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Tuesday, 19 June 2007

MPack Hacking Creates Italian Job Trojans

Posted on 12:12 by Unknown

When I first heard of the “Italian Job”, I thought it was some kind of new sex activity. Unfortunately, it’s nothing that good. It’s the name Trend Micro has given to an internet threat which started to appear on Italian web sites recently. It’s not a new threat but it’s growing and getting a lot of press coverage this week.

Trend Micro and others have identified the infection and how it works on thousands of web pages. What’s still unclear is how so many legitimate sites have had their top level pages hacked.


The source of the infection appears to have been created using a Russian based hacker tool kit called “MPack”. For under a thousand U.S. dollars, you can install MPack and using its control panel, anonymously monitor the success of your malware around the world. MPack version 0.92 also comes with a number of examples that can help you deploy keyloggers, remote bots and worms using a variety of known vulnerabilities in Windows.

The current threat in Italy is using Javascript code to create an <IFrame> element that redirects users to a new IP which attempts a buffer overflow infecting the users machine. Other examples in MPack use what we’ve called the ANI Vulnerability that Microsoft patched in April as well as Vulnerability in the Microsoft Data Access Components, Vulnerability in Windows Media Player Plug-in, Vulnerability in Vector Markup Language, Vulnerability in Microsoft Management Console, and Vulnerability in Microsoft XML Core Services. New exploits can be purchased as they are discovered.


MPack has been used for a variety of reasons. Everything from capturing passwords from financial institutions to just increasing traffic to a hackers Google Adwords page.

While all the security companies have spent plenty of time analyzing how MPack works, nobody seems to know how so many legitimate website are getting hacked. It sounds like the security companies need to spend more time designing and selling products to Internet Service Providers than just the average consumers.

Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest
Posted in MPack, Trend Micro | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • Support for Downloads without Surprises
    Last week I posted a message about the  packaging of ad supported programs along with popular software. It appears to be a common practice t...
  • Employee Manual to Prevent Cryptolocker and More
    A common way computers are infected or compromised has always been a simple yet well thought out deception. It can happen to anyone and the ...
  • What on Earth is “Cloud” Computing
    The new big buzz word in the computing world is “Cloud” computing. In the past I’ve been critical of the concept and even poked fun at Cloud...
  • Why Dancing with the Stars is #1
    Are you wondering why the heck I’m talking about TV Shows? Well, it’s still a little all about tech and some of my past experiences. In the ...
  • WinPatrol Cloud Edition Public Beta
    WinPatrol Adds the Newest Technology Available. You’ll now have access the knowledge of thousands of WinPatrol users shared in real-tim...
  • SQLite C Code to Read Cookies
    While most of the technology leaking from my brain is for a wide audience, today’s post is very technical in nature. I expected the informat...
  • Free #1 Tweak to Improve Windows Performance
    Every year billions of dollars are spent by folks just trying to improve the performance of their computers. Over the last couple years ther...
  • Forget the DVD & Save on your New Laptop
    I’ve written before about the coming death of the CD/DVD ’s for data storage.  While that time hasn’t come yet for desktop there is one real...
  • TWITTER ALERT
    Anyone who uses Twitter, DO NOT use the Twitter web interface until further notice. There is a code injection vulnerability being used tha...
  • Security Software Doesn’t Fix Human Nature
    If you’re interested in PC Security, you’ll want to check a look at research recently compiled by the folks at PC Pitstop. Even I was surpri...

Categories

  • 2007
  • 3G
  • AAPL
  • ABC
  • accelerometer
  • Achilles
  • Acrobat
  • Activex
  • adobe
  • Ads
  • advertising
  • Adware
  • Adwords
  • Airlines
  • Albany Medical Center
  • algorithm
  • Amazon
  • amber alert
  • AMUST
  • Animation
  • antimalware
  • Antivirus 2009
  • antivirus2008
  • AOL
  • Apple
  • applets
  • AQuantive
  • archive
  • Aruba
  • ASC
  • Ask.com
  • ATI
  • Audio
  • Autorun
  • AutoUpdate
  • autoupdates
  • AVG
  • Azure
  • backup
  • badware
  • Bakugan
  • Baseball
  • battery
  • Ben Edelman
  • Beta
  • BillP
  • Birthdayware
  • Bitlocker
  • Blackberry
  • BlackViper
  • bloatware
  • Blogger
  • Blogs
  • Blogspot
  • Blu-ray
  • Bluehoo
  • bluetooth
  • boinc
  • Bonjour
  • Brazil
  • break
  • Breakaway games
  • Brookman
  • Browser wars
  • C64
  • camera
  • Carpal Tunnel
  • CBS News
  • cell phone
  • CES
  • charity
  • Child Safety
  • chinese
  • Chris Cook
  • Christmas
  • Chrome
  • CIPAV
  • clampi
  • Cloud
  • CNet
  • codec
  • comodo
  • conficker
  • Control Panel
  • copy
  • coupon
  • craplets
  • crapware
  • Crawford
  • credit
  • credit card
  • credit cards
  • ctfmon
  • daylight savings time
  • Dell
  • demo
  • Discount
  • Disney
  • DNS
  • Dollar
  • Domain
  • Donna
  • Doubleclick
  • Downadup
  • Dreamscene
  • droid
  • DVD
  • Dvorak
  • Easter egg
  • eclipse
  • Ed Bott
  • Edelman
  • egreeting
  • Email
  • Environment
  • Epilepsy
  • EU
  • eWeek
  • explorer
  • facebook
  • false positive
  • false-positive
  • FBI
  • file types
  • finnish
  • FiOS
  • Firefox
  • fireworks
  • fix
  • flash
  • Flashpix
  • Fort Drum
  • foxit
  • fraud
  • FTC
  • games
  • garmin
  • Gateway
  • GE
  • George Bush
  • Germany
  • global
  • Godmode
  • Google
  • Google Research
  • GotoMyPC
  • gps
  • green
  • Groceries
  • Habitat
  • Hacks
  • hallmark
  • Halo
  • hard drive
  • Harry McCracken
  • Harry Potter
  • Harvard
  • HD-DVD
  • help
  • hidden files
  • Hijack
  • History
  • Hiton
  • homeland security
  • Honor Flight
  • hosts
  • Hubble
  • IAC
  • ICANN
  • IE
  • IE6
  • IE7
  • IE8
  • installers
  • interface
  • Internet
  • IPAddress
  • iPhone
  • iPod
  • Iraq
  • iTouch
  • iTunes
  • java
  • Kaspersky
  • Kazaa
  • kenmore
  • key logger
  • keygen
  • Keylogger
  • Kosovo
  • LA
  • lady chalupa
  • langa
  • Laptop
  • lawsuit
  • Legoland
  • Levar Burton
  • Linksys
  • Little League
  • Live Writer
  • Live.com
  • localize
  • Logo
  • London
  • LOP
  • lottery
  • Lucasfilm
  • Macintosh
  • Malware
  • Marie Domingo
  • Mary
  • McCracken
  • Media
  • Memorial Day
  • mgrs.exe
  • Micosoft
  • Microsoft
  • Microsoft Surface
  • MiFi
  • mit
  • moon
  • Mossberg
  • Mothers Day
  • MPack
  • MSFT
  • msn
  • MTV
  • Multicore
  • Music
  • MVP
  • MVP09
  • nasa
  • NBC
  • Nero
  • Netbook
  • Network
  • network solution
  • New York
  • newsletter
  • Nintendo
  • Nintendo Wii
  • NNEDV
  • Norton
  • NYAG
  • OAuth
  • obama
  • Office
  • OLPC
  • Olympics
  • OpenDNS
  • oprah
  • optimize
  • optout
  • Paperghost
  • passwords
  • Patch
  • Patriot Flight
  • PC Guy
  • pc pitstop
  • PC World
  • pcmag
  • PCWorld
  • PDC
  • PDF
  • pedipaws
  • performance
  • phishing
  • photos
  • Photoshop
  • Pinnacle
  • Piracy
  • Pirillo
  • pogue
  • Porn
  • pornware
  • postcard
  • prediction
  • prefetch
  • Preview
  • Price
  • privacy
  • Prodigy
  • Programming
  • PSP
  • Public Relations
  • Pytlovany
  • Q-Link
  • Quicktime
  • quotes
  • radio
  • realnetworks
  • realplayer
  • RegCleaner
  • RegCure
  • regedit
  • Registry
  • registry cleaner
  • Release
  • remove
  • Research
  • return policy
  • review
  • RIAA
  • Rivera
  • RMS
  • Road Runner
  • rogue
  • router
  • RTM
  • Rumor
  • safari
  • safety
  • sale
  • Sales
  • Santa Monica
  • scam
  • Schenectady
  • Scoble
  • Scott Dunn
  • Scotty
  • sd
  • Search
  • Sears
  • Security
  • Services
  • seti
  • ShellExecute
  • Shirt
  • SimCity
  • site advisor
  • slingbox
  • snopes
  • social engineering
  • social network
  • solid state disk
  • Sounds
  • Sp3
  • space station
  • SPAM
  • spamhaus
  • Special
  • speedtest
  • Spyware
  • SSD
  • Startup
  • Stats
  • Steve Bass
  • stopbadware
  • storm
  • STS-125
  • Sugar
  • Sunbelt
  • support
  • Symantec
  • tagged
  • Task Catcher
  • Task Scheduler
  • taskbar
  • Tax
  • Techorati
  • techwatch
  • teens
  • temp
  • Thinkpad
  • Thurrott
  • tinyurl
  • Tips
  • TiVo
  • TLD
  • Today Show
  • Toolbar
  • toolbars
  • top ten
  • topten
  • toys
  • Translator
  • transunion
  • Tree
  • Trend Micro
  • tricks
  • trillian
  • Trojan
  • tweaks
  • twitter
  • UAC
  • UI
  • Ultimate
  • Unbox
  • Unboxed
  • update
  • Updates
  • upgrade
  • url
  • USB
  • Utility
  • Valentine
  • Verizon
  • versions
  • Veteran
  • Video Games
  • Vista
  • Vulnerability
  • wall-e
  • war
  • Washington
  • web2.0
  • Webslice
  • WGA
  • Widget
  • WiFi
  • Wii
  • WiiItis
  • wiimote
  • Win7
  • Windows 7
  • Windows Secrets
  • Windows Update
  • Windows7
  • WinPartrol
  • WinPatrol
  • winpatrolflash
  • WinPatrolToGo
  • Winter
  • Wireless
  • Wristband
  • WSJ
  • WWII
  • x64
  • Xbox
  • XO
  • XO Laptop
  • XOActivity
  • Xobni
  • xolaptop
  • XP
  • XP SP3
  • xp3
  • Yahoo
  • Zero Day
  • Zone Alarm
  • Zwinky

Blog Archive

  • ►  2013 (31)
    • ►  November (2)
    • ►  October (1)
    • ►  September (1)
    • ►  August (2)
    • ►  July (3)
    • ►  June (5)
    • ►  May (2)
    • ►  April (3)
    • ►  March (2)
    • ►  February (5)
    • ►  January (5)
  • ►  2012 (30)
    • ►  December (3)
    • ►  November (3)
    • ►  October (2)
    • ►  September (2)
    • ►  August (2)
    • ►  July (3)
    • ►  June (2)
    • ►  May (1)
    • ►  April (4)
    • ►  March (4)
    • ►  February (2)
    • ►  January (2)
  • ►  2011 (28)
    • ►  December (4)
    • ►  November (2)
    • ►  October (4)
    • ►  September (2)
    • ►  August (2)
    • ►  July (2)
    • ►  June (2)
    • ►  May (2)
    • ►  April (2)
    • ►  March (2)
    • ►  February (3)
    • ►  January (1)
  • ►  2010 (44)
    • ►  December (2)
    • ►  November (3)
    • ►  October (3)
    • ►  September (4)
    • ►  August (3)
    • ►  July (3)
    • ►  June (3)
    • ►  May (4)
    • ►  April (4)
    • ►  March (3)
    • ►  February (3)
    • ►  January (9)
  • ►  2009 (90)
    • ►  December (6)
    • ►  November (8)
    • ►  October (6)
    • ►  September (4)
    • ►  August (4)
    • ►  July (12)
    • ►  June (6)
    • ►  May (11)
    • ►  April (7)
    • ►  March (9)
    • ►  February (9)
    • ►  January (8)
  • ►  2008 (122)
    • ►  December (9)
    • ►  November (11)
    • ►  October (14)
    • ►  September (6)
    • ►  August (9)
    • ►  July (9)
    • ►  June (10)
    • ►  May (13)
    • ►  April (8)
    • ►  March (10)
    • ►  February (10)
    • ►  January (13)
  • ▼  2007 (155)
    • ►  December (15)
    • ►  November (14)
    • ►  October (12)
    • ►  September (14)
    • ►  August (12)
    • ►  July (13)
    • ▼  June (11)
      • When Will I Get My iPhone?
      • Your family member has sent you an ecard
      • How Does the Wii Controller Work?
      • Do All Signatures Come From Kaspersky?
      • MPack Hacking Creates Italian Job Trojans
      • Achilles WiiItis Injury was predicted
      • WGA Crashes Space Station Computers?
      • Grocery Shopping on Amazon
      • Apple Safari 3 Doesn't Really Suck
      • Spammers May Need to Communicate Better
      • London Olympic Animation Causes Seizures
    • ►  May (19)
    • ►  April (17)
    • ►  March (21)
    • ►  February (7)
Powered by Blogger.

About Me

Unknown
View my complete profile