14 DAY TRIAL // The Turkish side of MSNBC was recently affected by a malicious code which could infect all the visitors' computers with password stealing utilities without any user action. Security company Websense reports that attackers could do this using an external JavaScript file which included dangerous content apparently hosted in China.
"Visitors to the Web site were infected with an exploit code tailored to their browser. Assuming that the visitors were vulnerable, password stealing code was installed and executed on their desktops, without requiring any user intervention," Websense wrote in an advisory published today. "This is a Microsoft site, hosted by a partner. We are actively working with Microsoft's security personnel to fix the issue. Websense security customers are protected against users connecting to the Web sites hosting the malicious code."
At this time, the website seems to be clean and safe to access so the engineers repaired the problem pretty fast.
This is another evidence that a hacker is able to modify the content of respected and well-known websites quite easy if the protection system is very weak. Earlier this day it was reported that some bad-intended persons tried to attack the official website of the security company F-Secure, attempting to display a message for one of the firm's employees. However, due to a mistake in the virus code, the attackers failed to reach their goal and the entire attempt was blocked by F-Secure.
But this one is different, MSNBC is not a security company and its defense system is probably weaker than the one owned by F-Secure. That's why it's always recommend to install security tools for your PC protection and keep them up-to-date in order to be sure that your data is not accessed by other persons than the ones you allow.