BBC Sites Serving Malware

The websites of the BBC’s 6 music and 1Xtra radio stations
have been injected with a malicious iframe and are redirecting users to a site
serving up malware according to a Websense report Tuesday.

BBCThe websites of the BBC’s 6 music and 1Xtra radio stations
have been injected with a malicious iframe and are redirecting users to a site
serving up malware according to a Websense report Tuesday.

The iframe, on both the BBC 6 music and 1Xtra webpages, is
loading code from a malicious website from the .co.cc TLD. As the malware is
being pushed through drive-by downloads, just browsing the page is enough for
an unprotected or inadequately protected user to become infected with a
malicious executable.

Visitors are being logged by the authors and the payload is
being delivered to the end user only once. The Phoenix
exploit kit
provided the exploits being used to deliver the code.

VirusTotal,
a service that analyzes suspicious files and URLs, reports that detection rate
of this file is currently at 20%.

This particular attack appears to be part of a
mass-injection campaign targeting vulnerable sites.

Suggested articles

Discussion

  • bunk on

    Nice heads up on the BBC sites. But oh boy, stats from VirusTotal? Brian, those vtotal numbers are confusing the issue, please don't post them again as though the samples are not being detected by security packages. Virustotal scanning performance is not the equivalent performance of desktop security software.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.