Streaming sites operated by the BBC were hacked on Tuesday so they silently served visitors with malware, researchers from security firm Websense said.
An iframe tag on the BBC's 6 Music and 1Xtra websites injected an exploit that was housed on a website with an address ending in cc, a top level domain for the Cocos Islands. The malicious binary was generated by the Phoenix exploit kit, which dates back to 2007 and streamlines malware infections by collecting detailed statistics.
“If an unprotected user browsed to the site they would be faced with drive-by downloads, meaning that simply browsing to the page is enough to get infected with a malicious executable,” Websense researchers wrote in a blog post.
A VirusTotal scan showed that only 12 of the top 43 antivirus products detected the threat
More details - link
An iframe tag on the BBC's 6 Music and 1Xtra websites injected an exploit that was housed on a website with an address ending in cc, a top level domain for the Cocos Islands. The malicious binary was generated by the Phoenix exploit kit, which dates back to 2007 and streamlines malware infections by collecting detailed statistics.
“If an unprotected user browsed to the site they would be faced with drive-by downloads, meaning that simply browsing to the page is enough to get infected with a malicious executable,” Websense researchers wrote in a blog post.
A VirusTotal scan showed that only 12 of the top 43 antivirus products detected the threat
More details - link
