Asia was the region most targeted by computer threats in May

بيتيا ، NotPetya ، GoldenEye.  لا يهم الاسم إلا أن الفيروس لا يزال يعيث فسادا

The commemoration of the anniversary of the Italian Job, information theft and several attacks on sites Asians were some of the security threats detected by Trend Micro during last May.

After a year since the famous Italian Job attack, and in an apparent attempt to celebrate his birthday, a similar attack has been committing some 90 sites Italians, all with a common server in Italy, the same one that gave rise to last year’s actions. TrendLabs laboratories detected two formats in this threat: one through a script integrated in the message, which redirects to a certain malicious URL, and another through an iFrame and the same script.

But the malicious actions during May 2008 mainly targeted the Asian continent. In China about 9,000 sites were attacked earlier this month through an SQL injection with JavaScript that redirects users to two malicious URLs. Among these web pages were sites legitimate medical, educational, government and entertainment from around the world.

Attacks on 19 May followed sites in Chinese, in a deliberate action against China, Taiwan, Singapore and Hong Kong. Search results on Google at the time of the attack showed that 327,000 pages contained the script malicious, Trend Micro said in a statement.

On the same date, another set of attacks was discovered, involving at least four web pages from different affiliations and different countries. These contained malicious JavaScript that redirected to two sites. Eventually both led to their own series of redirects and finally to download and execution of malware, an backdoor and Trojan, respectively.

Two days later, hundreds of thousands of sites were again compromised with malicious JavaScript code, some of which were from the Asia and Pacific region. Apparently the hackers carried out another massive SQL injection attack. A Google search for malicious URLs yielded 197,000 results.

On May 22nd, Trend Micro reports the malicious code contamination of several sites in Japan, including a popular download music and a record company.

Related News:

2008-01-08 – Computer threats in December take advantage of the parties