USA TODAY: …A single criminal gang using computer servers located in Ukraine is responsible for the latest twist in converting legitimate websites into delivery mechanisms for “drive-by downloads,” according to Wayne Huang, chief technical officer at Armorize.
In a drive-by download, malicious software gets inserted into the Web browser of any unsuspecting Internet user who simply has navigated to a hacked Web page.
With control of the visitor’s browser, the attacker can easily install malicious software that silently harvests all account log-ons, identity data and payment card data. The PC is usually also slotted into a botnet, a network of infected “robot” PCs controlled by the bad guys, who then use it on an ongoing basis to spread spam, carry out hacktivist attacks and do other criminal activities… (more)
