Tuesday, September 23, 2008

BusinessWeek plays host to malware

If you've been browsing the BusinessWeek website recently, you might want to check your system for nasty bugs: it's infected with malware.

At least, that's what Sophos spokesman Graham Cluley is saying. As reported by CNet, Cluley claims to have evidence that a section of BusinessWeek's site – aimed at providing information on what companies poach employees from what MBA programmes – has been attacked by a malicious cracker. Rather than the more usual – and juvenile – defacement common of such attacks, the perpetrator has left behind malicious code which attempts to coerce visiting browsers into downloading and installing a malware package from a Russian website.

The malware was placed on the site as a result of an SQL injection attack – a method of exploiting vulnerabilities in the way certain web applications accept input in such a way to directly affect the database backend – by an unknown assailant. More worryingly, the site is – at the time of writing – still affected by the attack, although the Russian website hosting the malware is currently offline.

Cluley claims to have alerted BusinessWeek to the issue a full week ago, but the code is still present. He states that companies like BusinessWeek who are "hit by SQL Injection attacks need to move fast to not only remove the malicious scripts, but also to ensure that they do not get infected again" as failure to find the root cause of the problem – usually a web application that is failing to sanitise its inputs properly – means companies which have "been struck by such an attack often clean-up their database, only to be infected again a few hours later."

How much trust do you place in the websites you visit? Are viruses things that only happen to people browsing pr0n, or do we all need to be a little paranoid about our browsing habits? Share your thoughts over in the forums.

  • Eliminating eavesdropping
  • Trojan modifies routers’ DNS
  • NEC launches embedded Linux
  • Mozilla considers tracking Firefox browsing habits
  • 0 comments: