TrendLabs received reports that several Web sites in Japan — including a popular music download site and a music company site — have been found injected with malicious code.

As we have been learning the past few days, getting hacked is becoming a—sadly—more frequent, but no less dangerous, threat for Web site owners. More importantly, users browsing these compromised sites are put in harm’s way, as hackers inject these codes to eventually plant backdoors and spyware in users’ PCs.

Analyses by our engineers reveal that these compromises are actually related to previously reported mass SQL injection attacks. Three distinct malicious domains have been identified, all of which lead to the download of malicious files on the affected system.

They are the following:

• nihaorr1(dot)com
• bluell(dot)cn
• 9i5t(dot)cn

We call them “known malicious domains” because we have seen already these in the attacks that we blogged about here and here. Apparently the reach of these attacks is growing wider, suggesting indeed that an automated tool is being used to seek out vulnerable sites that can then be hijacked to redirect users. And the scarier implication: that no weakly-coded site is safe.

These domains, needless to say, have already been blocked by our Web Threat Protection technology, one even as early as April 24, when it was first seen to be involved in these malicious stunts. Trend Micro users are thus protected from this attack. Other users are advised to be wary when surfing the Internet, and make sure that their endpoint security products and security patches are up to date.

Trend Micro has just launched a new, dedicated threat center to help computer users stay informed and ahead of the latest threats! From the start of 2005 to the end of March 2008, Trend Micro tracked a 1731% growth in Web threats. It’s important that we make information about all these threats as accessible as possible to all our Web site visitors and so created TrendWatch, a new threat information center from Trend Micro.

Have you ever wanted answers to questions like:

• What percentage of Web sites is malicious?
• How much is a cybercriminal willing to pay for 1 million unverified email addresses?
• Which threat is most prominent in my country?
• How can users stay secure while browsing the Web?
• Which ISP allows the most spam to be sent through their network?
• How does TrendLabs operate, and where?

You can also type this onto your URL address bar: http://itw.trendmicro.com

If you want the actual answers to the questions above, visit these TrendWatch sections:

• Pollution Tracker - a visual representation of how many Web sites are being monitored and how many malicious files are being scanned by our technology
• Underground Economy statistics - charts displaying the current prices paid for stolen data in the cyber underground
• Web Threat of the Day - threat reports designed to help educate and raise awareness of the hottest new threats
• Internet security videos and podcasts - see and hear Global Director of Education David Perry discuss Malware 101, plus our other experts
• Spam & Botnet Watch - see top ISPs worldwide ranked according to spam volumes

Visit TrendWatch, a threat center designed just for you! Powered by data from TrendLabs, Trend Micro’s global network of research, service and support centers, TrendWatch is is a central resource providing the latest information about threats, plus updates on new technologies and access to security tools.

Experience Trend Micro, visit TrendWatch today!