BusinessWeek plays host to malware

BusinessWeek plays host to malware

The section of the BusinessWeek website aimed at MBAs is currently hosting malicious code thanks to an SQL injection attack.

If you've been browsing the BusinessWeek website recently, you might want to check your system for nasty bugs: it's infected with malware.

At least, that's what Sophos spokesman Graham Cluley is saying. As reported by CNet, Cluley claims to have evidence that a section of BusinessWeek's site – aimed at providing information on what companies poach employees from what MBA programmes – has been attacked by a malicious cracker. Rather than the more usual – and juvenile – defacement common of such attacks, the perpetrator has left behind malicious code which attempts to coerce visiting browsers into downloading and installing a malware package from a Russian website.

The malware was placed on the site as a result of an SQL injection attack – a method of exploiting vulnerabilities in the way certain web applications accept input in such a way to directly affect the database backend – by an unknown assailant. More worryingly, the site is – at the time of writing – still affected by the attack, although the Russian website hosting the malware is currently offline.

Cluley claims to have alerted BusinessWeek to the issue a full week ago, but the code is still present. He states that companies like BusinessWeek who are “hit by SQL Injection attacks need to move fast to not only remove the malicious scripts, but also to ensure that they do not get infected again” as failure to find the root cause of the problem – usually a web application that is failing to sanitise its inputs properly – means companies which have “been struck by such an attack often clean-up their database, only to be infected again a few hours later.

How much trust do you place in the websites you visit? Are viruses things that only happen to people browsing pr0n, or do we all need to be a little paranoid about our browsing habits? Share your thoughts over in the forums.


Discuss in the forums Reply
Mentai 16th September 2008, 13:33 Quote
Browsing pr0n? I always thought it was from illegal downloads, warez etc. I guess they're almost one and the same. I trust this website lol
SlickGnome 16th September 2008, 14:05 Quote
Its really sad how badly some sites are infected and how much they beleive they are immune to such things. Sony's Online Gaming site was hit with SQL injection a while back and was handing out XP/Vista Antivirus 2008/2009 to alot of the "lucky" visitors. For a little while, an advertising partner of MSNBC (and several other sites) was hit with the exact same thing. My part time job is PC repair, and lately 99% of what we do is Spyware/Virus/Greyware removal. We have had people come in with day old machines that are soo infected that the machines will not even fully boot to windows, even with Decent Antivirus/Antispyware applications. With some of these programs being rehashed a few times a week, is almost impossible for even the big name companies to keep up with definitions.
bahgger 16th September 2008, 16:43 Quote
I'd better not surf sites like those tech ones anymore.. bye bye bit-tech! You will be missed ;(
leexgx 17th September 2008, 23:19 Quote

its not just targeting tech web sites its any web sites that have set up SQL improperly (auto tools that make SQL content), users are not very up on what windows does and does not do (windows pc will never tell you that you have an virus)
Log in

You are not logged in, please login with your forum account below. If you don't already have an account please register to start contributing.

Discuss in the forums