//
you're reading...
IT, Security

BBC 6Music and 1Xtra streams hacked

Malware has been reportedly[1] inserted into the stream pages for two of BBC‘s less popular radio channels.


According to The Register (quoting WebSense[2]), the exploit in question allows what is called “drive by downloads“, that is to say that the malware can download itself to anyone simply browsing the page without prompting the user or asking consent.
VirusTotal were reporting yesterday that only 9 AntiVirus solutions out of 43[3] were detecting the malware. 15 hours later, today, and that number had only increased to 12[4].
This appears to be quite a poor response.
The AV that do currently detect the malware are:

AhnLab-V3		Trojan/Win32.CSon
Emsisoft			Trojan.Win32.Oficla!IK
Ikarus			Trojan.Win32.Oficla
Kaspersky		IM-Worm.Win32.Yahos.su
NOD32			a variant of Win32/Kryptik.KRH
Panda			Suspicious file
PCTools			Trojan.Bredolab
Prevx			Medium Risk Malware
Semantic			Trojan.Bredolab
TrendMicro		TROJ_SPYEYE.SMEP
TrendMicro-HouseCall	TROJ_SPYEYE.SMEP
VIPRE			FraudTool.Win32.AVSoft (v)

No statement yet from the BBC and more importantly no indication that the “injected frame” has been removed.

Other reports on the same incident include Net Security[5] and ZD Net[6].


References
[1]The Register (BBC DriveBy Download) 16/02/2011
[2]WebSense (BBC – 6 Music and 1xtra Web site Injected With Malicious iFrame ) 16/02/2011
[3]VirusTotal 15/02/2011
[4]VirusTotal 16/02/2011
[5]Net Security (Malware News) 16/02/2011
[6]ZD Net 16/02/2011

– Posted using BlogPress from my iPhone

About harlekwinblog

"Thoughts of an idle mind." Information Security professional.

Discussion

One thought on “BBC 6Music and 1Xtra streams hacked

  1. Just received this reply from 6Music:
    Hi
    The problem was resolved yesterday, shortly after it was reported.
    The sites are both secure and safe to visit again now.
    Best wishes
    6 Music Team

    Posted by harlekwinblog | 2011/02/16, 6:46 pm

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Categories

RSS This Blog…

  • An error has occurred; the feed is probably down. Try again later.

Share me…

Bookmark and Share
February 2011
S M T W T F S
« Jan   Mar »
 12345
6789101112
13141516171819
20212223242526
2728  
%d bloggers like this: