7526 11 3 econsultancy_xml <p>Some 80% of affected sites were Italian, and many of them part of the country's vital tourist trade.</p> <p>The malicious software installed a <a href="http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=HTML%5FIFRAME%2ECU">HTML iFrame</a> on web pages that opened a tool called MPack on users' machines that exploits known bugs via Internet Explorer.</p> <p>It then sought to install a keylogger and a download channel so that authors can monitor users' activity and install further software. Data captured from users is reportedly sent to a server in Chicago.</p> <p>Japan-based Trend Micro, which <a href="http://itw.trendmicro.com/index.php?id=26&amp;blogid=1212">discovered</a> the first attacks, said it found over 4,500 travel sites in Italy had been infected, including http://www.adriahotel.it, http://wwww.bestoftuscany.it and <a href="http://www.mothertheesacause.info">http://www.mothertheesacause.info</a>.</p> <p>The firm's David Perry said the <a href="http://us.trendmicro.com/us/about/threat-level/">perpetrators</a> had used software to carry out the attack that was originally bought in Russia.</p> <FormattedContent xmlns="http://www.e-consultancy.com/schema/formattedContent/"> <Paragraph>Some 80% of affected sites were Italian, and many of them part of the country's vital tourist trade.</Paragraph> <Paragraph>The malicious software installed a <Link URL="http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=HTML%5FIFRAME%2ECU" Window="New">HTML iFrame</Link> on web pages that opened a tool called MPack on users' machines that exploits known bugs via Internet Explorer.</Paragraph> <Paragraph>It then sought to install a keylogger and a download channel so that authors can monitor users' activity and install further software. Data captured from users is reportedly sent to a server in Chicago.</Paragraph> <Paragraph>Japan-based Trend Micro, which <Link URL="http://itw.trendmicro.com/index.php?id=26&amp;blogid=1212" Window="New">discovered</Link> the first attacks, said it found over 4,500 travel sites in Italy had been infected, including http://www.adriahotel.it, http://wwww.bestoftuscany.it and <Link URL="http://www.mothertheesacause.info" Window="New">http://www.mothertheesacause.info</Link>.</Paragraph> <Paragraph>The firm's David Perry said the <Link URL="http://us.trendmicro.com/us/about/threat-level/" Window="New">perpetrators</Link> had used software to carry out the attack that was originally bought in Russia.</Paragraph> </FormattedContent> 2007-06-19T09:16:00+01:00 1 1 econsultancy_xml <p> <strong>Italy's online tourism industry was thrown into chaos when thousands of tourism websites were shut down by a software infection that takes over users' computers.</strong> </p> <p>Nicknamed 'The Italian Job' by security experts, the attack began last week and claimed around 10,000 sites by Monday morning.</p> <FormattedContent xmlns="http://www.e-consultancy.com/schema/formattedContent/"> <Paragraph> <Emphasis>Italy's online tourism industry was thrown into chaos when thousands of tourism websites were shut down by a software infection that takes over users' computers.</Emphasis> </Paragraph> <Paragraph>Nicknamed 'The Italian Job' by security experts, the attack began last week and claimed around 10,000 sites by Monday morning.</Paragraph> </FormattedContent> false 1376 363601 Italian tourism crippled by malicious web bug false 2007-06-19T09:58:00+01:00 italian-tourism-crippled-by-malicious-web-bug 2009-04-28T22:52:01+01:00 2009-04-28T22:52:01+01:00 304