BusinessWeek website compromised

Share this article:

The BusinessWeek magazine website has been infected with code that could redirect visitors to malicious servers.

The site's infection seems to be a classic SQL injection attack -- code injected into servers feeding the site link to a Russian domain that could download malware onto the computers of the website's users.

The infection seems to have been in place for some time. According to Google Safe Browsing, “Of the 2,157 pages tested on the site over the past 90 days, 214 pages resulted in malicious software being downloaded and installed without user consent.”

The Google summary reports that some 11 domains appear to be functioning as intermediaries for distributing malware to visitors of the site.

BusinessWeek has responded in a release that said, "Online security is a top priority and, while we continue to investigate the matter, we are confident that our readers' personal information has not been compromised."

This threat and others like it seem to be spreading.

According to a blog entry by Graham Cluley, senior technology consultant at Sophos, “Over 16,000 new infected webpages are discovered every single day. That's one every five seconds -- three times faster than the rate during 2007.”

According to Ryan Barnett, director of application security at Breach Security, the underlying issue centers on mass SQL injection bots.

“The vulnerabilities are at the web application, which may not be doing proper validation, or at the database itself, which may allow users too high level a privilege,” he told SCMagazineUS.com. “It also could be that a web application encodes data coming back from the server improperly, so that the browser can be tricked – it does not know that it is not supposed to execute the malicious code.”

He added: “These three factors are behind the attacks. All three have to be in place, and unfortunately at a lot of sites they are.”

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.