My local paper's Web site was hit by the Mal/Badsrc-C virus yesterday, which had some visitors' anti-virus software flashing a warning when the visited the site.
According to the Nashua Telegraph, the virus infected the site via a third-party link from MyCapture.com. That company's systems were infected through an unpatched Microsoft server. Thankfully, Mal/Badsrc-C is a low-level threat is used mostly to install adware. The Telegraph took down the offending content as soon as it was notified about the issue, but what's interesting to me is the response from the MyCapture.com:
Some of our sites, along with thousands of others on the web including some U.S. Government sites, were attacked very early this morning exploiting a recently discovered vulnerability in Microsoft's web servers. We have since closed the hole and republished all of the sites, wiping all traces of the harmful code from the database.
I like how they mention their site and "thousands of others" including the "U.S. government" sites. Sounds a bit like an excuse to me: "Hey, we weren't the only ones! Look, even the government got hacked!" Sorry, no excuse for keeping your servers patched. On the bright side, good to see most anti-virus systems were up-to-date and able to warn unsuspecting visitors of the threat.
Advertisement: |
The Leader in Network Knowledge
