Popular Science Website Infected, Serving Malware

  • 30 October 2014
  • 0 replies
  • 159 views

Userlevel 7

http://platform.twitter.com/widgets/follow_button.21f7daa948263c3043bab783473c3475.en.html#_=1414685236455&id=twitter-widget-0&lang=en&screen_name=TheBrianDonohue&show_count=false&show_screen_name=true&size=mOctober 30, 2014 , 7:00 amThe website of widely read Popular Science magazine is reportedly hosting a malicious script that is redirecting site visitors to a third-party domain containing an exploit kit, which is infecting users by uploading files containing malware to their machines.
To give an idea of the scope of this problem, according to estimated metrics from the site traffic analysis service Alexa, Popsci[dot]com ranks 6,297 globally and 2,234 in the U.S. in terms of total traffic.
 
The compromise was discovered by researchers from the Websense Security Lab, who said they contacted the IT team at Popular Science and informed them of the breach.
“The website has been injected with a malicious iFrame, which automatically redirects the user to the popular RIG Exploit Kit,” Websense researchers wrote in a report. “The exploit kit launches various exploits against the victim which – if successful – will result in a malicious executable dropped on the user’s system.”
 
 
Full Article
 

0 replies

Be the first to reply!

Reply