Researchers on Friday continued to monitor a widespread IFRAME attack that exploits visitors to legitimate websites by installing an information-stealing trojan on their machines.

As many as 20,000 different web pages have been impacted by the assault, which uses SQL injection to hack into vulnerable web pages and then drops a payload on users' computers that are not updated with the latest Microsoft patches, experts said.

Users may have difficulty knowing whether they are being compromised because the attack plays out behind the scenes, without any initiation required, Craig Schmugar, threat research manager for McAfee Avert Labs, told SCMagazineUS.com on Friday.

Posted by Annette King in Virus & AntiVirus News at 17:10

Someone plugging electronic gadgets such as an iPod or digital picture frame into the computer runs the risk of picking up a pre-installed virus, according to industry consultants.

Experts believe the problem stems from lax quality control, often in Chinese factories that are trying to keep costs low, through workers who plug an infected device into a factory computer used for testing.

Recent cases reviewed by the Associated Press include some of the most widely used tech devices: Apple iPods, digital picture frames sold by Target and Best Buy stores and TomTom navigation gear.

Posted by Annette King in Adware, Spyware and Trojans at 16:45