Popular Science Website Infected, Serving Malware
Userlevel 7
http://platform.twitter.com/widgets/follow_button.21f7daa948263c3043bab783473c3475.en.html#_=1414685236455&id=twitter-widget-0&lang=en&screen_name=TheBrianDonohue&show_count=false&show_screen_name=true&size=mOctober 30, 2014 , 7:00 amThe website of widely read Popular Science magazine is reportedly hosting a malicious script that is redirecting site visitors to a third-party domain containing an exploit kit, which is infecting users by uploading files containing malware to their machines.
To give an idea of the scope of this problem, according to estimated metrics from the site traffic analysis service Alexa, Popsci[dot]com ranks 6,297 globally and 2,234 in the U.S. in terms of total traffic.
The compromise was discovered by researchers from the Websense Security Lab, who said they contacted the IT team at Popular Science and informed them of the breach.
“The website has been injected with a malicious iFrame, which automatically redirects the user to the popular RIG Exploit Kit,” Websense researchers wrote in a report. “The exploit kit launches various exploits against the victim which – if successful – will result in a malicious executable dropped on the user’s system.”
Full Article
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.