More than 200 Web sites — many of them belonging to legitimate businesses — have been hacked and seeded with code that tries to take advantage of a unpatched security hole in Microsoft’s Internet Explorer Web browser to install hostile code on Windows computers when users merely visit the sites.
This is a Zero Day Exploit and AV software is apparently not picking this up yet (Norton in particular is mentioned).
The sites that are being explointed are NOT warez or sites with questionable content. They are:
According to a list obtained by Security Fix, hackers have infected at least 200 sites, many of which you would not normally expect to associate with such attacks (i.e., porn and pirated-software vendors). Among the victims are a regional business council in Connecticut, a couple of vacation resorts in Florida, a travel-reservation site, an online business consultancy, an insurance company, and a site featuring things to do at various cities across the country.
On Friday, hackers broke into the Web site of shipping company DLPromotionFreight.com and planted code that attempted to use the flaw to steal user names and passwords stored by IE. Yaniv Zahavi, chief technology officer for Intermakers Inc., the Plantation, Fla., company that manages the site, said it appears that only a handful of customers browsed the site during the few hours the attack code was present.
Very important … must read if you use Internet Explorer for browsing.