Radware (NASDAQ: RDWR), the leading global provider of integrated application delivery solutions for business-smart networking, announced the release today of an immediate protection against the "Italian Job" web attack.
Online criminals have launched a widespread Web attack that has turned tens of thousands of legitimate Web sites into weapons. The attack began late last week and by Monday morning, more than 10,000 Web sites had been compromised, mostly Italian web sites. The compromised web sites, which are legitimate commercial and government sites, contain a short piece of HTML "iFrame" code that redirects the victim's Web browser to a server that attempts to infect the victim's computer using a tool called "MPack."
MPack is a massive exploitation toolkit equipped with a variety of client-oriented web exploits, which once deployed within a website, results in an instant infection of every vulnerable visitor with a previously chosen malware. MPack installs a keylogger and a Trojan downloader program on the victim PCs so that the attackers can monitor the victim's activity and extract user sensitive information such as credit cards, bank accounts and more as well as running other unauthorized programs on the computer. MPack can exploit vulnerabilities in Internet Explorer, Firefox, and even the Opera browser.
Radware has issued an emergency signature update providing immediate protection against the MPack toolkit for web sites compromised by this tool. Radware DefensePro IPS protects against exploiting the specific vulnerabilities used by the MPack tool and blocks access to the MPack administrator management interface preventing the attacker from further communication with the compromised web sites. It also detects the obfuscation methods used by MPack for concealing its exploitation attempts.
"Once again, Radware's Security Operation Center is the first to publish protection against breaking threats," said Itzik Kotler, Radware Security Operation Center Leader. "As new exploits appear, new MPack program updates are released to infect as many computers as possible. By performing reverse engineering of the MPack toolkit and revealing the obfuscation method it uses for infection, we managed to provide robust protection against future releases as well."
To learn more about Radware's DefensePro IPS click www.radware.com/content/products/dp/default.asp.
About Radware
Radware (NASDAQ:RDWR), the global leader in integrated application delivery solutions, assures the full availability, maximum performance, and complete security of business-critical applications for more than 5,000 enterprises and carriers worldwide. With APSolute, Radware's comprehensive and award-winning suite of intelligent front end, access, and security products, companies in every industry can drive business productivity, improve profitability, and reduce IT operating and infrastructure costs by making their networks "business smart". For more information, please visit www.radware.com.
This press release may contain forward-looking statements that are subject to risks and uncertainties. Factors that could cause actual results to differ materially from these forward-looking statements include, but are not limited to, general business conditions in the Application Switching industry, changes in demand for Application Switching products, the timing and amount or cancellation of orders and other risks detailed from time to time in Radware's filings with the Securities and Exchange Commission, including Radware's Form 20-F.
Meir Moshe, Radware Ltd.; 011-972-3766-8610 or
meirm@radware.com
Investor Relations: Dennis S. Dobson; 203-255-7902 or
IR@radware.com