Used Windows in the last 10 seconds?
Yup, you might have fetched more than just cat vids/pron/articles....
FTFY.
Third bathroom reading material The Economist served malware from its website via the compromised PageFair network. The biz mag today alerted readers that it put their PCs at risk last weekend. "If you visited economist.com at any time between Oct. 31, 23:52 GMT and 01:15 GMT, Nov. 1, using Windows OS and you do not have …
I'm not really trying to be funny, and I expect I didn't succeed. But what this implies is that every time we shake the hand of someone out in internet-land we should immediately get out the wipes. Probably too late in any case.
Perhaps we should run every copy of our personal computers (tablets, phones, whatevers) as one-offs. Ready to wipe several times a day. Refreshed with virgins (non-sexed) every few hours. Of course, no one knows where those virgins have been before becoming our new best friends.
"Team Economist advises that anyone who received what appeared to be a Flash update from the website should change all of their passwords on their computer, and notify their banks and other financial institutions to check for suspicious activity."
I hope they told their readers to get rid of the nasty before they changed their passwords, otherwise it's a bit pointless. Of course I could go to the Economist site & see for myaself exactly what they said but I think I'll give that a miss.
If any of their readers sustains damage from this who's going to be liable, the Economist or PlayFair?
Why choose? Make them both pay. One to cover the cost of the additional credit monitoring services they also should have recommended and the should pay the monetary compensation to the compromised users. I think 3 years is the standard for these sorts of things at the moment. No, I don't think you should have to prove you were infected. Visiting their site during the time interval should be sufficient.
"anyone who received what appeared to be a Flash update from the website should change all of their passwords on their computer"
I've just checked via $eselect news read new, and I don't have any exhortations to update my Flash thingie. Sounds like a good excuse to reset all Windows using folk's passwords. I can probably intimate iStuff owners as well - hillarious. Damn, I'm so smug - it hurts.
I wonder if I'm still the only root user on my computers ...
Though I realise the PageFair incompetence is nothing to do with Adobe, I cannot help remarking that when I see "You cannot play this content because you do not have Adobe Flash installed" or equivalent, I wish for a button reading "And that's the way I like it" that would send an electric shock to everyone who ever thought that a content playing system should be allowed to run any kind of external executable - no matter how convenient.
Why does PageFair employ n00bs who fall for email scams in the first place? It's OK for non-techies to be gullible but not people who work for internet based companies. They should have proper procedures in place so if they get an email from 'Tech Support' to verify their mother's maiden name, then (a) their spam filter should have dumped it and (b) they should question why does tech support need *any* information from me.
Morons and their advertising scumware.
I'm not even going down the route of underpaid employee got a few greenbacks from a third party...