The security vendor Trend Micro announced Thursday that the company's website had been hacked earlier in week. Mike Sweeny, a Trend Micro spokesman said "We took the pages down overnight Tuesday night - and took corrective action." [more]
On Thursday security vendor McAfee reported that more than 20,000 Web pages have been affected by the attack. The pages are infected with malicious code that tries to install password-stealing software on the PCs of people who visit the sites.
Researchers are still not sure how the attackers are managing to hack these Web pages, but the pages all seem to use Microsoft's Active Server Page (ASP) technology, which is used by many Web development programs to create dynamic HTML pages. A software bug in any of those programs is all the attackers need to install their malicious code. The infected Web pages are not obviously malicious, but the attackers have added a small bit of JavaScript code that redirects visitors' browsers to an invisible attack launched from servers based in China. The JavaScript attack code hosted on these infected Web sites takes advantage of bugs that have already been patched, so users whose software is up-to-date are not at risk. However, McAfee warns that some of the exploits are for obscure programs such as ActiveX controls for online games, which users may not think to patch.
For more information visit http://www.networkworld.com/news/2008/031408-trend-micro-hit-by-massive.html?fsrc=rss-security or http://www.infoworld.com/article/08/03/14/Trend-Micro-hit-by-massive-Web-hack_1.html