From Russia without love
Security watchers have discovered a string of malicious websites that install Trojan code, allowing hackers to compromise end-user banking credentials for more than 50 financial institutions and ecommerce websites.
Thousands of surfers a day are falling victim to the sophisticated attack, net security firm Websense warns.
The websites are hosted in Germany, England, and Estonia, and use a round robin DNS, resolving to five unique IP addresses that change on each occasion. Each site hosts the same code, exploiting the MS06-014 vulnerability in a bid to install a Trojan downloader without end-user interaction.
Full story: The Register
