When Websense posted on Monday about how AskMen.com – a website that attracts more than 10 million visitors each month – was redirecting users to Caphaw malware, an AskMen.com spokesperson told SCMagazine.com a day later that it was not the case.
On Thursday, AskMen.com changed its stance, explaining in a statement emailed to SCMagazine.com that malware surfaced on its servers a day later.
“All viruses from the AskMen.com site have been eliminated and we're keeping a sharp eye for similar threats going forward,” according to the statement. “We estimate that a very small percentage of our readers may have been exposed to the malware (approximately 0.1% of our readers).”
On Tuesday, Alex Watson, director of research with Websense, told SCMagazine.com that attackers likely compromised the website using a local vulnerability, such as cross-site scripting (XSS).