"According to reports, thousands of Web sites, predominantly in Italy,
were recently compromised using the MPack malware kit, which contained
iframe tags that pointed surfers towards hacker-controlled Web sites.
A security researcher at the SANS Institute's Internet Storm
Centre says that only one of the Web sites hosted on the machine had to
contain a vulnerable PHP script for the rest of the sites to become
infected and often the root cause of the problem is when a Web hosting
provider doesn't spend as much as it could on necessary hardware to add
an extra layer of protective virtualization. The researcher adds that a
good precaution to take is to make sure the hosting provider uses
chroot or suExec, which ensures that individual Web sites are not
compromised by others sharing the same physical server."
Article Link: http://www.thewhir.com/marketwatch/070507_MPack_Reveals_Stingy_Web_Hosts.cfm
