Who is responsible for the content on your website?
At the end of last week, SophosLabs received a report from a customer saying that when they visited a certain site they received virus reports for Mal/ObfJS-A, Exp/Animoo-A and Mal/JSShell-B. The site in question is a household name which made the customer initially query the virus detections believing that such a global brand could not be infected. When I visited the site I found that the site did indeed link to malicious files.
So what had happened? Was the global brand’s website compromised? Or was something more sinister happening?
The global brand’s site loaded some content from a third party marketing company. However, the marketing company’s site had been compromised so that it now linked to malicious content on a remote server (we are aware of several thousand other sites similarly compromised). The net effect of this for users browsing the global brand’s site is that they are exposed to the malware.
Who is to blame?
The hacker and then the marketing company. The global brand, in this case, was an innocent party. However, from a customer perspective the big company appears guilty - when their site was browsed, the machine was hit with malware.
Remember, adding third party content can be a risky business. You have to make sure that their security policies match yours, otherwise you lose your reputation.
Posted on November 5th, 2007 by Pob, SophosLabs, UKFiled under: Malware, Web
Windows 7 security - A great leap forward or business as usual?
Related posts
- Root compromise responsible for hacked sites
- What happens when we find an infected website?
- The Truth is that legitimate websites are serving malicious content
- Anti-virus company Trend Micro: Our website has been hacked, risk of Trojan horse infection
- Famous chip shop website battered by malicious Iframe injection
