News on the MPack Trojan Attack, and how not to be a victim

Joe Wilcox writes on Microsoft Watch today about the the MPack Trojan, which is impacting customers, primarily in Italy, Germany, Brazil and Japan. 

“This Trojan is particularly insidious, because what people might consider to be safe Websites can infect their computers. Victims aren’t necessarily visiting bad Internet.

“Compromised sites must do more than clean up their code, as the iframe tool can automatically make changes later on. The site administrator’s credentials must be changed to prevent further compromise.

“While waiting for Microsoft’s response, Website designers might want to consider doing away with inline frames.”

eWeek reports that “Researchers at Trend Micro are reporting that as many as 10,000 Web sites have been infected with malicious code that redirects unsuspecting users to a server booby-trapped with drive-by exploits—part of a wave of attacks originating in Italy and now spreading through Europe.

What can you do?

Microsoft continues to encourage customers to follow all of the steps of the ‘Protect Your PC‘ guidance of enabling a firewall, applying all software updates and installing anti-virus and anti-spyware software.

North American customers suspecting infection can obtain free, Microsoft security support by call 1-866-PCSAFETY.

And see my past note on how there’s no immunity from security vulnerabilities.

More info:

Tags: , , , , .