New web threat takes advantage of iFrame vulnerability
Security firm Trend Micro said that it has discovered a new threat that is currently making the rounds on the Internet. The threat is based on an iFrame vulnerability in webpage code to plant a keylogger to steal user passwords, or turn computers into proxy servers for various other attacks.
Trend Micro said that the threat could have originated from a computer Trojan-making kit and relies on a scenario in which website owners are unaware that they are compromised, and website users are unaware that surfing through seemingly legitimate pages can actually be part of an infection process. This process, according to the security firm, involves a malicious IP address that is inserted into the HTML code (HTML_IFRAME.CU), a download of malicious Trojans (TROJ_SMALL.HCK, TROJ_AGENT.UHL, TROJ_PAKES.NC, PAKES) from another URL via a JavaScript routine.
TrendMicro said that the threat was initially detected in Italy, but apparently is making its way to the U.S.
- Linux Skype gets pushed up to 1.4 Beta
- Yahoo replaces CEO Terry Semel With Yang
- iPhone gets last minute upgrades
- Blockbuster to move high-def, offering only Blu-ray Discs
- Thais work around YouTube ban
- DARPA Scramjet hits ludicrous speed
- Survey: 19 million mobile phone users badly want an iPhone
- Stanford's "Junior" passes driving test
- Microsoft dumps Digital Image software
- Round 1 of the Paris Airshow, all Airbus
- YouTube to make stronger international presence
- Band of Bugs to march to Xbox Live Arcade
- Expedia to buy back $3.5 billion in stock
- Porsche announces $1600 mobile phone
- Google flips switch on solar power installation
- AT&T launches cell-to-cell live video
- IDC: Mass market appeal of iPhone uncertain
- Legal brilliancy, Microsoft sues Immersion
