Is The IndiaTimes Website Bombarding Visitors With Malware?
from the can't-be-good-for-repeat-business dept
While it’s well known that less well known sites may have been set up to maliciously install malware on your computer, most people assume (reasonably so) that larger, more well known sites are most likely safe to visit. However, one security firm is out raising the alarm that the English-language website of the India Times, a popular newspaper in India (which we’ve linked to multiple times in the past), is apparently chock full of risky pages that exploit various security vulnerabilities to try to download hundreds of malware apps to your computer. The security firm apparently first noticed this a few weeks ago, but didn’t realize the severity until now. What’s unclear from the description is how this is actually happening. We’ve heard stories in the past of scammers hacking into ad servers and serving malicious code that way, but there’s no real indication that that’s what’s happening in this case.
Filed Under: india, malware
Companies: india times
Comments on “Is The IndiaTimes Website Bombarding Visitors With Malware?”
anywho.com
I remember anywho.com serving up a trojan via some unpatched ActiveX exploit to a bunch of people in our AR and CS dept’s a few years ago. Fortunately the AV software on the desktops caught it, but I ended up just blocking the damn site a few days later because I got tired of people calling like OMG I GOT A VIRUS!
They just don't know any better
All Indian newspaper websites have had a terrible pop-up problem almost since their inception (http://gujaratsamachar.com, http://mumbaisamachar.com, even the Times of India/India Times) which has begged the question, when will they hire competent web-design people instead of people who likely think more ads in places that people don’t want is good for business.
Question
Maybe a little off topic but does anyone know or believe that my anti-virus software suite (McAfee) which expires in 2 weeks would or could send a Trojan to me, then pop up and clear the Trojan as a way to get me to renew?
I ask because of the timing of this. I have never had a Trojan appear in the past year. Now after they have been bugging me to renew for the last 30 days (and me not responding yet) this just happens to occur. Any thoughts?
Re: Question
Would not be a surprise, McAfee is garbage anyway, do not waste your good money, try sophos for their free trial and you won’t be disappointed. It uses less resources and is a better all around security tool.
Re: Question
Well, if you didn’t go to the India Times website you wouldn’t be in this predicament.
Re: Question
The same thing happened to my girlfriend’s laptop when her McAfee was about to expire. I had to Malwarebytes it. Coincindence? I don’t think so.
Beat the rush: blacklist them now
The India Times has been a haven for spammers, phishers,
scammers, etc. for many years — which is no doubt why a
quick check here shows them on 14 of the first 20 blacklists
that I checked.
Of course, from the outside looking in, it’s not possible to
ascertain whether this is the result of pervasive incompetence
or systemic collusion. Not that it matters, really: the end result
is the same — and so is the fix.
Haaretz does this too
I get these kinds of popups from Haaretz, the Israeli newspaper, too
Re: Haaretz does this too
Every time I get one of those popups on Haaretz I make a screen capture of it and email it to one of their editors. They have never responded, so obviously they are aware of it and either don’t care or are participating in it.
I have a hard time believing that any reputable company, especially a news site, would be the host of an intentional malware attack. Doing that on purpose would just be public relations suicide. it is more likely that they got some good bids on ad space, and unwillingly invited in some malicious code. In this case, they deserve only some of the blame.