Most Malicious Software Attack Ever Using Infected Web Sites Reported

By Jim Finkle, Reuters  |  Posted 06-18-2007

BOSTON (Reuters) - In an Internet attack dubbed "The Italian Job," several thousand Italian tourism Web sites have been infected by software that quietly gains control of computers visiting them and seeks out confidential financial data, a computer security firm said on Monday.

Trend Micro Inc. said it detected more than 4,500 travel sites in Italy that have been infected as part of a scheme through which data on computers that visit those sites is being stolen and sent to a server located in Chicago, said David Perry, a spokesman for the Japan-based company.

This marks the most widespread attack ever in which malicious software has been spread by using infected Web sites, Perry said.

The rapidly spreading "Italian Job" program secretly installs so-called trojan software that takes control of a computer, recording information entered into the computer -- including credit card numbers and other personal data sought by criminals.

The compromised sites were mainly small tourism sites bearing Italian Web domains, including http://www.adriahotel.it, http://wwww.bestoftuscany.it and http://www.mothertheesacause.info.

"Do not go to these sites," Perry said.

Surfers are only vulnerable to the attack if they are using versions of Microsoft Corp.'s Internet Explorer that are not up-to-date. Updates are available at http://www.microsoft.com.

The programmers who launched the attack can control the software remotely, reprogramming it to send the information elsewhere or perform additional tasks.

"Your system belongs to them," Perry said. "If Chicago is shut down, they could move anywhere in the world."

Perry said it was not clear who the hackers were, why they targeted travel sites in Italy, one of the world's most popular tourist destinations, or how many computers had been infected by the software.

The attack, which Trend Micro first detected on Friday, was engineered using hacking software sold in Russia that costs around $700, Perry said.