IndiaTimes distributing malware

Nov 12, 2007 09:56 GMT

It is well known that hackers target famous websites in order to distribute malware and infect users' computers, but this time the alert is pretty critical. Mary Landesman of ScanSafe wrote on the company's official blog that IndiaTimes was infected with serious malicious files which attempt to exploit old unknown Windows vulnerabilities. Alexa places IndiaTimes at position 481, which underlines the popularity of the website among Internet users. It also shows how dangerous the threat is, as millions of users access the site every day.

The ScanSafe expert said the IndiaTimes malware attempts to redirect visitors to dangerous websites, which in turn try to install malicious files on their computers. The news website contains no fewer than 434 infected files, many of which manage to bypass users' antivirus protection, regardless of the product or the version of its virus definitions.

"The installed malware included a cocktail of downloader and dropper Trojans, assorted other malicious binaries, and large amounts of scripts, cookies, and other non-binaries. We ran some of the binaries through VirusTotal and looks like overall detection among signature-based antivirus vendors is low," Mary Landesman wrote on the blog. "Given the nature of the downloaded files, it appears the malware may be intended to create sites used to attack others or that there may be some malicious peer-to-peer or other filesharing/communication purpose."

You might think the risk is small if the webmasters manage to remove the infections quickly, before users' computers get infected. But it seems the IndiaTimes engineers are currently celebrating an Indian holiday, which slows down the entire process of disinfecting the page. "Unfortunately, the person we spoke with indicated that it was a holiday in India and they would be unlikely to fix the problem until Monday. They declined to provide us with another contact or to escalate our concerns."

So, until further reports, you are advised to avoid visiting the page, even if you have powerful antivirus protection installed on your computer.