MSNBC Turkish site caught serving malware

Summary:Websense is reporting that MSNBC's Turkish site was caught in a mass defacement hacker attack that redirected readers to exploit servers hosted in China.

Websense is reporting that MSNBC's Turkish site was caught in a mass defacement hacker attack that redirected readers to exploit servers hosted in China.

From a Websense alert:

At the time of this writing, the site was infected with malicious code designed to infect the site's visitors through the use of an external JavaScript file. The file contained the malicious JavaScript code that was hosted in China.

Visitors to the Web site were infected with an exploit code tailored to their browser. Assuming that the visitors were vulnerable, password stealing code was installed and executed on their desktops, without requiring any user intervention...

This is a Microsoft site, hosted by a partner. We are actively working with Microsoft's security personnel to fix the issue.

MSNBC Turkish site serving drive-by malware

The SANS Internet Storm Center is reporting that the infection occurred via SQL injection.

From my checks, it appears that the MSNBC Turkish site is now clean and the Chinese exploit server is down.

Topics: Security, Browser, Malware, Software Development

About

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content managem... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.