BusinessWeek website compromised

Share this article:

The BusinessWeek magazine website has been infected with code that could redirect visitors to malicious servers.

The site's infection seems to be a classic SQL injection attack -- code injected into servers feeding the site link to a Russian domain that could download malware onto the computers of the website's users.

The infection seems to have been in place for some time. According to Google Safe Browsing, “Of the 2,157 pages tested on the site over the past 90 days, 214 pages resulted in malicious software being downloaded and installed without user consent.”

The Google summary reports that some 11 domains appear to be functioning as intermediaries for distributing malware to visitors of the site.

BusinessWeek has responded in a release that said, "Online security is a top priority and, while we continue to investigate the matter, we are confident that our readers' personal information has not been compromised."

This threat and others like it seem to be spreading.

According to a blog entry by Graham Cluley, senior technology consultant at Sophos, “Over 16,000 new infected webpages are discovered every single day. That's one every five seconds -- three times faster than the rate during 2007.”

According to Ryan Barnett, director of application security at Breach Security, the underlying issue centers on mass SQL injection bots.

“The vulnerabilities are at the web application, which may not be doing proper validation, or at the database itself, which may allow users too high level a privilege,” he told SCMagazineUS.com. “It also could be that a web application encodes data coming back from the server improperly, so that the browser can be tricked – it does not know that it is not supposed to execute the malicious code.”

He added: “These three factors are behind the attacks. All three have to be in place, and unfortunately at a lot of sites they are.”

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.

Professor says Google search, not hacking, yielded medical info

Professor says Google search, not hacking, yielded medical ...

A professor of ethical hacking at City College San Francisco came forward to clarify that he did not demonstrate hacking a medical center's server in a class.

Syrian Malware Team makes use of enhanced BlackWorm RAT

Syrian Malware Team makes use of enhanced BlackWorm ...

FireEye analyzed the hacking group's use of the malware, dubbed the "Dark Edition" of BlackWorm.