Softpedia
 
HomepageWindowsGamesDriversMacLinuxScripts buttonMobileHandheldNews

NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
Home > News > Security

May 11th, 2011, 12:39 GMT · By

Russian News Website Pravda Infects Visitors

SHARE:

Adjust text size:


The english.pravda.ru website infected with exploits
Enlarge picture
Security researchers warn that the English section of popular Russian news website pravda.ru has been compromised and is now infecting visitors with malware.

Because of the compromise english.pravda.ru has been flagged as malicious by Google's Safe Browsing service.

This means its pages are accompanied by a warning in Google search results and that Chrome and Firefox automatically block users from visiting them.

The english.pravda.ru website is an important source of Russian news for English speakers, so it is likely to get a significant number of foreign visitors.

According to security researchers from Finnish antivirus vendor F-Secure who analyzed this attack, rogue code injected into the site's pages is loading exploits targeting Java vulnerabilities.

If successful, the drive-by download attack installs a trojan that acts as a botnet client and allows hackers to access the infected computer.

"An attack like this is particularly devious. An end user might go to the same news website every morning for years, learning to trust it.

"Then one day it has become dangerous and will take over your computer, just by opening your favourite page," notes Mikko Hypponen, chief researcher officer at F-Secure.

The website will probably be cleaned quickly, but the Google Safe Browsing warning might persist until the company's special crawlers scan it again.

Pravda.ru, a news site originally created by former employees of the Pravda (The Truth) newspaper, is not the only high profile website infected by criminals in recent times.

Back in February we reported that the BBC 6 Music and 1Xtra websites were trying to infect visitors after being compromised by hackers.

In order to stay protected users should keep all of their software up to date, including their browser and operating system, so that known vulnerabilities can't be exploited.

Unfortunately, sometimes unknown flaws, known as zero-days, ca be targeted. Because of this, running an up-to-date antivirus program that is capable of detecting malicious behavior is also critically important.

TELL US WHAT YOU THINK:

1,325 hits · Link to this article · Print article · Send to friend · Subscribe to news

MUST-READ RELATED ARTICLES:

Drive-By Download Attack Launched from Lenovo India Warranty WebsiteGoal.com Riddled with Malware-Serving CodeDrive-By Download Attack Launched from UK Human Rights Website

READER COMMENTS:



No user comments yet.
Be the first to express your opinion!
Copyright © 2001-2012 Softpedia. Contact/Tip us at

WindowsGamesDriversMacLinuxScriptsMobileHandheldNews

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   UPDATE YOUR SOFTWARE   |   ROMANIAN FORUM
© 2001 - 2012 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are
registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use