FYI...Urgent block: volgo-marun .cn & sicha-linna8 .com
June 22, 2010 - "From cyberinsecure.com:
The support site of leading Chinese PC manufacturer Lenovo
has been compromised by unknown attackers who injected a rogue IFrame into the pages over the weekend
. Security researchers warn that unwary visitors looking for drivers are exposed to several exploits that install the Bredolab trojan
onto their computers.
The IFrame points to an exploit kit hosted on a domain called volgo-marun. cn
. After performing several checks to determine what vulnerable software they had installed on their computer, the visitors were served with exploits targeting older versions of Internet Explorer, Adobe Reader or Adobe Flash player... and receives commands from C&C server with domain sicha-linna8 .com