Cyber warrior

This month Trend Micro reported on a mass web attack that has already been dubbed the 'Italian Job II'.

  • E-Mail
By  Sean Cronin Published  May 7, 2008

Security is still high priority for IT managers so this hasn't really affected us yet - but it will eventually.

Chang lives in the world of 'phishing' and 'pharming', IT-speak that describes the techniques used to steal personal information via phone, email or instant messaging that has grown to become a multi-billion dollar international business involving criminal gangs from across the globe.

Attacks may increase this year as hackers seek to exploit the web traffic generated by events such as the Olympic Games or the US elections.

"The profile has really changed from two years ago - it's no longer kids in their bedrooms fooling around and breaking your system for the fun of it. Now there is a big financial incentive," he says.

Chang cites the so-called 'Italian Job' as an example of the type of attacks which are increasingly emerging.

The attack succeeded in infecting tens of thousands of computers and hundreds of thousands of web pages last year.

Most of those infected were in Italy although web users in other countries were also affected as they browsed tourism sites.

It was generated by a malware kit called MPack, first detected in late 2006 and sold by Russian hackers at about US$1000 a pop.

This month Trend Micro reported on another mass web attack that has already been dubbed the 'Italian Job II'.

It has hit sites in the country hosted by one primary provider.

The domains may be of English, US, Asian or Italian origin, but so far, all are in Italian language and the majority has Italian domains.

Locations that been hit include the fan sites of Johnny Depp and the band Pearl Jam, as well as the official site of 80s pop singer Sabrina (Salerno) and the Italian Mercedes-Benz club.

Visitors to sites that have been infected are redirected to one of two malicious sites, both of which are hosted in a single IP that has been traced back to San Diego, California.

Trend believes the criminals behind the attack are from Eastern Europe.

Such international gangs are becoming increasingly sophisticated according to Justin Doo, Trend Micro's regional managing director.

"The belief is that it's organised crime, behind many of these attacks. There's money on the table. It's almost impossible to prosecute these guys because they use so many different cutouts and they launch attacks from countries with no cybercrime laws," he says.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code