May 11, 2011 12:39 GMT

Security researchers warn that the English section of popular Russian news website pravda.ru has been compromised and is now infecting visitors with malware.

Because of the compromise, english.pravda.ru has been flagged as malicious by Google's Safe Browsing service.

This means its pages are accompanied by a warning in Google search results and that Chrome and Firefox automatically block users from visiting them.

The english.pravda.ru website is an important source of Russian news for English speakers, so it is likely to get a significant number of foreign visitors.

According to security researchers from Finnish antivirus vendor F-Secure who analyzed this attack, rogue code injected into the site's pages is loading exploits targeting Java vulnerabilities.

If successful, the drive-by download attack installs a trojan that acts as a botnet client and allows hackers to access the infected computer.

"An attack like this is particularly devious. An end user might go to the same news website every morning for years, learning to trust it.

"Then one day it has become dangerous and will take over your computer, just by opening your favourite page," notes Mikko Hypponen, chief research officer at F-Secure.

The website will probably be cleaned quickly, but the Google Safe Browsing warning might persist until the company's special crawlers scan it again.

Pravda.ru, a news site originally created by former employees of the Pravda (The Truth) newspaper, is not the only high-profile website infected by criminals in recent times.

Back in February we reported that the BBC 6 Music and 1Xtra websites were trying to infect visitors after being compromised by hackers.

In order to stay protected, users should keep all of their software up to date, including their browser and operating system, so that known vulnerabilities can't be exploited.

Unfortunately, sometimes unknown flaws, known as zero-days, can be targeted. Because of this, running an up-to-date antivirus program that is capable of detecting malicious behavior is also critically important.