The Public Broadcasting Service’s Web site has been infected at a section related to the Curious George children’s TV show and when the fake authentication page doesn’t work for the user, tries to drop malware on them, researchers said Thursday.
The attacks includes attempts against known vulnerabilities in Acrobat Reader, an AOL ActiveX control, Apple QuickTime and others. There are patches to correct these application vulnerabilities but if the user hasn’t applied the patches, the exploit observed by Purewire at the PBS.org Web site could be successful in installing malicious code on the victim’s desktop computer.
The malicious domain -- qxfcuc.info -- was registered through registrar eNom, Royal says. The registrant’s identity is not public, perhaps because the registrant paid a $10 a year fee that is typically charged to keep identity private, he adds.
Purewire researcher Nidhi Shah indicated that the security firm first observed the PBS.org Web site malware infection on Monday because the Purewire service used by a customer picked it up. Purewire sought to notify PBS about the matter via e-mail but has so far not received a response.
Web sites are increasingly being compromised by malware, as the Websense Security Labs “State of Internet Security Report Q1 – Q2 2009,” published Wednesday, points out. The report says the growth in the number of malicious Web sites has more than tripled in the period and 77% of the Web sites with malicious code are legitimate, trusted sites that have been compromised.