A malware distribution and attack kit sold commercially through underground channels on the Internet has compromised hundreds of thousands of systems in the past six months, including an epidemic of infections that hit Italian Web servers this past weekend, according to security and antivirus firms.

Known as Mpack, the kit consists of commercial-grade software components written in the PHP Web programming language and apparently sold by a group of Russian programmers. The software, which comes with a year of support, was first mentioned in an analysis penned by antivirus firm Panda Software. In mid-May, Panda stated that the software had compromised at least 160,000 computers.