Malware Infected Telecommunications Industry Ombudsman Website
A malware attack has forced the IT department of Telecommunications Industry Ombudsman (TIO) to take its website offline in the second week of February 2010.
Details of the malware attack reveal that the Ombudsman Office came to know about the attack when Google had sent a notification about the infection. In fact, Google restricted the access of TOI website owing to the infection.
As per the Google's diagnostic page, three TOI web pages were maliciously corrupted by the attack and the infection resulted in starting of new process (on an average) on the target machine.
John DuBois, TIO Communications Manager, confirmed that the website had been infected by the attack. DuBois further added that the TOI first apprehended that the infection was a limited intrusion, but on closer examination, it was found much more harmful, as reported by ZDNet Australia on February 9, 2010.
Expressing his views on the website vulnerability, David Brophy, ANZ Marketing Manager, Websense, said that the TOI website infection was a typical case wherein legitimate websites were deliberately corrupted by malicious codes, as reported by iTnews on February 8, 2010.
Brophy further said that the TOI website was a well known and received a lot of traffic. The malicious code was there for a couple of hours to infect systems of as many people as possible.
Websense remarks have left no other option for TOI but to investigate into the problem on its end to ascertain what kind of malware had actually infected the website in the very first place.
In order to restore customers' confidence in the website security, the TOI said that it would take all necessary measures to stop such kinds of infection occurring in future.
Finally, the latest website attack has confirmed Websense findings in its Q3-Q4 2009 State of Internet Security Report that around 71% of sites containing malicious codes discovered over those six months (Q3-Q4 2009) were actually legitimate websites. These websites were infected by cyber criminals to make their false ends meet. It also points to the fact that this threat has been continuously running and exploited by cyber criminals on a regular basis.
Related article: Malware Authors Turn More Insidious
» SPAMfighter News - 17-02-2010