Hacked BBC streaming websites serve up malware
Streaming sites operated by the BBC were hacked on Tuesday so they silently served visitors with malware, researchers from security firm Websense said. An iframe tag on the BBC's 6 Music and 1Xtra websites injected an exploit that was housed on a website with an address ending in cc, a top level domain for the Cocos Islands. …
This topic is closed for new posts.
"malicious binary"
oh no if only my OS had some kind of protection against that.... oh wait, it does.
Stop showing off!
Bloody fanbois! You can be nearly as bad as those Appletards sometimes!
Penguin Brains
Dick Head,
what ever, yawn.
How old are you, Ten ?
ALF
Versions?
The linked list just mentions 'Microsoft - v1.6502'. Is this MS Security Essentials which is currently v1.97 or some other MS product?
It isn't the first time..
It isn't the first time this has happened.. http://www.theregister.co.uk/2010/09/09/google_radio3_malware_warning/
Sad
And u wonder why people think Linux users are sad.....
Sadder
I wonder why people think any platform is any safer than any other.
They all have their problems and in the hands of a luser they're all just as stuffed.
What, for this little post?
"Were both listeners affected?"
I'm fine so it must have been the other one...
Detection results.
I see that Panda, Trend and Kaspersky are all in the "spotted it" category.
I guess if you throw enough false positives, sometimes you get lucky.......
And what bad things did this particular malware do?
Not clear from the article or from the report. Wipe your files? Use your machine as a spambot? For example. It's worrying that a trusted site can be compromised and worth knowing what the threat is.
Inside job?
"Websense didn't say how attackers managed to plant the wayward iframe on the BBC's sites."
A large axe hanging over your head with "redundancy" written on it can inspire all sorts of things........
Don't use VirusTotal for detection comparison
VirusTotal itself says that you shouldn't use it to compare detection capabilities.
See http://www.virustotal.com/about.html#importantnotes
-quote-
Those who use VirusTotal to perform AV comparative analyses should know that they are making many implicit errors in the methodology, the most obvious being:
* VirusTotal AV engines are commandline versions, so depending on the product, they will not behave exactly the same as the desktop versions: for instance, desktop solutions may use techniques based on behavioral analysis and count with personal firewalls that may decrease entry points and mitigate propagation, etc.
* In VirusTotal desktop-oriented solutions coexist with perimeter-oriented solutions; heuristics in this latter group may be more aggressive and paranoid, since the impact of false positives is less visible in the perimeter. It is simply not fair to compare both groups.
-end quote-
Sophos has been blocking the site linked to by the script on the BBC website since 20:42 GMT on 9 February 2011, for instance. But VirusTotal doesn't test that way so it won't know that we'd pick it up as Troj/ExpJS-BO and Mal/IFrame-F.
:-(
Serve's 'em right for engaging with the commietards at the bbc
Scrap the bbc tax*
*a.k.a. licence fee
British broadcasting worldwide made peace acceptance.
I never thought they'd get the beeb, they're gonna get the beeb aren't they. We're no more then boys as a nation. You'll rot with your sky drivel.
This topic is closed for new posts.
