Can we get more details on this.
On Feb 16, 8:22 pm, Sandeep Thakur <[email protected]> wrote: > Streaming sites operated by the BBC were hacked on Tuesday so they > silently served visitors with malware, researchers from security firm > Websense said. > > An iframe tag on the BBC's 6 Music and 1Xtra websites injected an > exploit that was housed on a website with an address ending in cc, a > top level domain for the Cocos Islands. The malicious binary was > generated by the Phoenix exploit kit, which dates back to 2007 and > streamlines malware infections by collecting detailed statistics. > > “If an unprotected user browsed to the site they would be faced with > drive-by downloads, meaning that simply browsing to the page is enough > to get infected with a malicious executable,” Websense researchers > wrote in a blog post. > > A VirusTotal scan showed that only nine of the top 43 antivirus > products detected the threat. > > The discovery continues the trend of using legitimate websites to > propagate malware. Who needs to lure marks to fake sites when popular > ones are easy to compromise? > > Websense didn't say how attackers managed to plant the wayward iframe > on the BBC's sites. More often than not, the rogue links are added > with the help of SQL injection attacks or, less often, by exploiting > compromised passwords -- You received this message because you are subscribed to the Google Groups "nforceit" group. To post to this group, send an email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/nforceit?hl=en-GB.
