Cybercriminals have managed to breach Bloomberg’s Businessweek website. The attackers injected malicious scripts with the purpose of pushing malware onto the visitors' computers.
According to The Hacker News
, the attackers have injected an iframe loading a malicious PHP file placed on a compromised Italian website.
Malware reports from security firm Sucuri revealed that Bloomberg’s website wasn’t the only one containing the iframe that pointed to the PHP file hosted on the Italian site. An additional 125 websites were also found to contain the script, in 24 hours alone.
Fortunately, the malicious file has been removed from the Italian site. On the other hand, the iframe in question is still present on some Bloomberg Businessweek webpages.
Cybercriminals often try to hijack high-ranked websites to ensure that their pieces of malware end up on as many computes as possible. In the past period, experts found exploits on the sites of a Chinese high school
and on the one of Japanese restaurant Wagamama