Feeds

back to article Hacked BBC streaming websites serve up malware

Streaming sites operated by the BBC were hacked on Tuesday so they silently served visitors with malware, researchers from security firm Websense said. An iframe tag on the BBC's 6 Music and 1Xtra websites injected an exploit that was housed on a website with an address ending in cc, a top level domain for the Cocos Islands. …

COMMENTS

This topic is closed for new posts.
Linux

"malicious binary"

oh no if only my OS had some kind of protection against that.... oh wait, it does.

7
15
Joke

Stop showing off!

Bloody fanbois! You can be nearly as bad as those Appletards sometimes!

0
0
Happy

Penguin Brains

Dick Head,

what ever, yawn.

How old are you, Ten ?

ALF

0
1
Thumb Down

Dick Head???

How old are you, Ten ?

1
0

Versions?

The linked list just mentions 'Microsoft - v1.6502'. Is this MS Security Essentials which is currently v1.97 or some other MS product?

0
0
FAIL

It isn't the first time..

It isn't the first time this has happened.. http://www.theregister.co.uk/2010/09/09/google_radio3_malware_warning/

0
0

Sad

And u wonder why people think Linux users are sad.....

1
4
Silver badge
Paris Hilton

What I'm Wondering

Is what you are on about.

2
0
Stop

Sadder

I wonder why people think any platform is any safer than any other.

They all have their problems and in the hands of a luser they're all just as stuffed.

2
0
Silver badge

6music

Were both listeners affected?

5
2
Coat

What, for this little post?

"Were both listeners affected?"

I'm fine so it must have been the other one...

1
0
Silver badge
Pint

thanks.

I needed a good laugh today.

0
0
Gold badge
Coat

Detection results.

I see that Panda, Trend and Kaspersky are all in the "spotted it" category.

I guess if you throw enough false positives, sometimes you get lucky.......

0
0

And what bad things did this particular malware do?

Not clear from the article or from the report. Wipe your files? Use your machine as a spambot? For example. It's worrying that a trusted site can be compromised and worth knowing what the threat is.

0
0
Alert

Inside job?

"Websense didn't say how attackers managed to plant the wayward iframe on the BBC's sites."

A large axe hanging over your head with "redundancy" written on it can inspire all sorts of things........

0
0
Stop

Don't use VirusTotal for detection comparison

VirusTotal itself says that you shouldn't use it to compare detection capabilities.

See http://www.virustotal.com/about.html#importantnotes

-quote-

Those who use VirusTotal to perform AV comparative analyses should know that they are making many implicit errors in the methodology, the most obvious being:

* VirusTotal AV engines are commandline versions, so depending on the product, they will not behave exactly the same as the desktop versions: for instance, desktop solutions may use techniques based on behavioral analysis and count with personal firewalls that may decrease entry points and mitigate propagation, etc.

* In VirusTotal desktop-oriented solutions coexist with perimeter-oriented solutions; heuristics in this latter group may be more aggressive and paranoid, since the impact of false positives is less visible in the perimeter. It is simply not fair to compare both groups.

-end quote-

Sophos has been blocking the site linked to by the script on the BBC website since 20:42 GMT on 9 February 2011, for instance. But VirusTotal doesn't test that way so it won't know that we'd pick it up as Troj/ExpJS-BO and Mal/IFrame-F.

:-(

1
0
Big Brother

Serve's 'em right for engaging with the commietards at the bbc

Scrap the bbc tax*

*a.k.a. licence fee

0
1

British broadcasting worldwide made peace acceptance.

I never thought they'd get the beeb, they're gonna get the beeb aren't they. We're no more then boys as a nation. You'll rot with your sky drivel.

0
0
This topic is closed for new posts.