X
Business
Home Business Companies Microsoft

Ninemsn injected with malicious code: Websense

Security technology company Websense this week claimed that one of Australia's most highly trafficked websites, ninemsn, had been compromised by an outside party and injected with "malicious code", although the problem area has now been removed from the site.
Written by Renai LeMay, Contributor

Security technology company Websense this week claimed that one of Australia's most highly trafficked websites, ninemsn, had been compromised by an outside party and injected with "malicious code", although the problem area has now been removed from the site.

In a statement on its site, Websense said the code was "hidden deep within" ninemsn's advertisement engine and was served on request. The security company claimed the code could be identified as part of the Gumblar virus, which first appeared in 2009.

Ninemsn — which operates as a joint venture between PBL Media and Microsoft — is one of the largest sites in Australia, with a claimed audience of over 9.7 million people (as at July 2009) visiting the site each month. That figure, according to the site, represents 69 per cent of Australia's "active internet audience".

Websense said the injected code led to a site that had also been compromised by Gumblar, and that it was specifically hidden within the banner advertisement script for the Women's Weekly publication.

"At this time, the malicious code isn't available or reachable, but this could change at any time," Websense said. "An interesting implication is that this ad can be dynamically served on multiple web pages within ninemsn. This is unlike a typical injection where websites are compromised in a single static page; in this case, the infected banner ad can be pulled to various locations within the site, serving its malicious purpose silently."

Ninemsn has not yet responded to an emailed request for comment on the issue, but Websense said it had contacted Microsoft after discovering the attack. "The ad banner has now been removed from the ninemsn support site," the security firm said.

The news comes as online infrastructure has come under increasing attack in Australia through various avenues. For example, the loose coalition of individuals known only as "Anonymous" spent part of last week attacking federal government websites as part of a distributed denial-of-service attack to protest the proposed internet filtering initiative.

Editorial standards
Show Comments

Related

Anker Solix X1

Not into the Tesla Powerwall? You can now buy the Anker Solix X1

windows-11-laptop

Microsoft is now showing ads in Windows 11's Start menu. Here's how to block them

Placeholder product image alt text

The best AI image generators to try right now