Is The IndiaTimes Website Bombarding Visitors With Malware?

from the can't-be-good-for-repeat-business dept

While it's well known that less well known sites may have been set up to maliciously install malware on your computer, most people assume (reasonably so) that larger, more well known sites are most likely safe to visit. However, one security firm is out raising the alarm that the English-language website of the India Times, a popular newspaper in India (which we've linked to multiple times in the past), is apparently chock full of risky pages that exploit various security vulnerabilities to try to download hundreds of malware apps to your computer. The security firm apparently first noticed this a few weeks ago, but didn't realize the severity until now. What's unclear from the description is how this is actually happening. We've heard stories in the past of scammers hacking into ad servers and serving malicious code that way, but there's no real indication that that's what's happening in this case.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    EXrider, Nov 12th, 2007 @ 2:31pm

    anywho.com

    I remember anywho.com serving up a trojan via some unpatched ActiveX exploit to a bunch of people in our AR and CS dept's a few years ago. Fortunately the AV software on the desktops caught it, but I ended up just blocking the damn site a few days later because I got tired of people calling like OMG I GOT A VIRUS!

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Devang, Nov 12th, 2007 @ 3:09pm

    They just don't know any better

    All Indian newspaper websites have had a terrible pop-up problem almost since their inception (http://gujaratsamachar.com, http://mumbaisamachar.com, even the Times of India/India Times) which has begged the question, when will they hire competent web-design people instead of people who likely think more ads in places that people don't want is good for business.

     

    reply to this | link to this | view in thread ]

  3.  

    Question

    Maybe a little off topic but does anyone know or believe that my anti-virus software suite (McAfee) which expires in 2 weeks would or could send a Trojan to me, then pop up and clear the Trojan as a way to get me to renew?

    I ask because of the timing of this. I have never had a Trojan appear in the past year. Now after they have been bugging me to renew for the last 30 days (and me not responding yet) this just happens to occur. Any thoughts?

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Rich Kulawiec, Nov 12th, 2007 @ 4:08pm

    Beat the rush: blacklist them now

    The India Times has been a haven for spammers, phishers,
    scammers, etc. for many years -- which is no doubt why a
    quick check here shows them on 14 of the first 20 blacklists
    that I checked.

    Of course, from the outside looking in, it's not possible to
    ascertain whether this is the result of pervasive incompetence
    or systemic collusion. Not that it matters, really: the end result
    is the same -- and so is the fix.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    jb, Nov 12th, 2007 @ 4:22pm

    Re: Question

    Would not be a surprise, McAfee is garbage anyway, do not waste your good money, try sophos for their free trial and you won't be disappointed. It uses less resources and is a better all around security tool.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    todd, Nov 12th, 2007 @ 7:37pm

    Haaretz does this too

    I get these kinds of popups from Haaretz, the Israeli newspaper, too

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Chuck Norris' Enemy (deceased), Nov 13th, 2007 @ 7:30am

    Re: Question

    Well, if you didn't go to the India Times website you wouldn't be in this predicament.

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    david, Nov 18th, 2007 @ 7:39am

    Re: Haaretz does this too

    Every time I get one of those popups on Haaretz I make a screen capture of it and email it to one of their editors. They have never responded, so obviously they are aware of it and either don't care or are participating in it.

     

    reply to this | link to this | view in thread ]

  9.  
    icon
    Krevco (profile), Dec 28th, 2009 @ 7:56am

    I have a hard time believing that any reputable company, especially a news site, would be the host of an intentional malware attack. Doing that on purpose would just be public relations suicide. it is more likely that they got some good bids on ad space, and unwillingly invited in some malicious code. In this case, they deserve only some of the blame.

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    Bob Cintelheim, Mar 17th, 2010 @ 5:28pm

    Re: Question

    The same thing happened to my girlfriend's laptop when her McAfee was about to expire. I had to Malwarebytes it. Coincindence? I don't think so.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This