Unsuspecting users who may wish to buy (or simply admire) the new Honda Accord are warned that may fall victim to a drive-by download, leading to the installation of an info-stealing malware. TrendLabs discovered today an attack on the official web site of Honda Cars in Thailand. According to Advanced Threats Researcher Jonell Baltazar, who discovered the compromise, the affected page, hxxp://www.honda.co.th:80/accord, was injected with a malicious script tag (detected by Trend Micro as HTML_IFRAME.QJ), which loads a page within the ...

Our researchers "followed the bouncing Web threat" in this newly discovered spate of hacked legitimate Web sites. Advanced Threats Researcher Paul Ferguson posted about this mass compromise on the blog yesterday, when it was still a "developing issue originating from various locations in China for the past few days that we (security researchers) are still piecing together." It appears that several thousand Web sites have been compromised -- via SQL injection -- with embedded malicious JavaScript that redirects users to two ...

In what may turn out to be an advanced one-year "toast" to the June 2007 mass infection that came to be known as the Italian Job, TrendLabs discovered 90 compromised Italian Web sites (all verified active as of this writing) at around 12:30 AM GMT. The compromised sites are varied; their only common thematic link seems to be the Italian language. According to Trend Micro analysts, the attack rolls out like this: 1. The compromised Web sites contain obfuscated JavaScript code ...

Senators Hillary Clinton and Barack Obama battle it out on all fronts, literally. The tight contest, where until now no clear frontrunner emerges, isn’t likely to be dictated by just the debates. So we see extra-political battles in different arenas. The Web would seem one likely sphere where the one hopeful nominee who dominates gains a lot. The most recent Internet-related clash between these two involved redirection: one candidate’s Web site leads users to the site of the other. Users ...

Massive iFrame attacks on top Web sites still threaten online searches. The threat is not just continuing but, according to independent Internet security researcher Dancho Danchev, is getting bigger as well. Trend Micro has recently reported two high-traffic sites that were iFramed earlier this month. The said attack relied on popular search terms that were not validated in search engines. Interestingly, this previous attack came less than a week after search results of popular Web sites ZDNet Asia and TorrentReactor were ...