Italian tourism crippled by malicious web bug

Italy’s online tourism industry was thrown into chaos when thousands of tourism websites were shut down by a software infection that takes over users’ computers.

Nicknamed ‘The Italian Job’ by security experts, the attack began last week and claimed around 10,000 sites by Monday morning.

Some 80% of affected sites were Italian, and many of them part of the country’s vital tourist trade.

The malicious software installed a HTML iFrame on web pages that opened a tool called MPack on users’ machines that exploits known bugs via Internet Explorer.

It then sought to install a keylogger and a download channel so that authors can monitor users’ activity and install further software. Data captured from users is reportedly sent to a server in Chicago.

Japan-based Trend Micro, which discovered the first attacks, said it found over 4,500 travel sites in Italy had been infected, including, and

The firm’s David Perry said the perpetrators had used software to carry out the attack that was originally bought in Russia.