That’s right, the television network CBS had their website hacked using the popular iframe method and was actually used for a period of time to distribute malware to it’s visitors. I am not for sure how many visitors CBS has on a daily basis but I am pretty sure it’s probably high volume.
One of the popular features on CBS’s website among visitors is the ability to view missed episodes of their favorite shows like The Unit, CSI: Miami, and NCIS. Below is a report I found on Techworld regarding the attack…
TV network CBS has become the latest big name to have it website used to host malware, a security company has reported.
It appears that Russian malware distributors were able to launch another iFrame attack on a sub-domain of the cbs.com site so that it was serving remote malware to any visitors. A user’s vulnerability to the malware attack launched by the site hack would depend on a number of factors, including the type of security used on a PC, the operating system, and possibly the browser version.
“This saga confirms our many previous warnings that obfuscated code posing a serious threat to Internet users’ PCs, said Finjan CTO, Yuval Ben-Itzhak, who has devoted a fair amount of time in recent months to finding these hacks.
“Our Threats Reports have continued to identify the increasing use of code obfuscation as a means of bypassing traditional signature-based solutions in order to propagate malware,” Ben-Itzak continued, taking a pop at the anti-virus products against which his company in part competes.
“It also highlights the fact that no web portal, no matter how high ranking, can be totally secure against a system hack and consequent infection of its visitors. Web users need to exercise caution at all times,” he said.
Finjan has it had informed CBS of the issue, but that the Russian exploit server had in any case been taken offline, neutering the attack for the time being.
iFrame and SQL injection attacks on big-name websites have been one of the fashionable attacks of 2008, embarrassing a string of household names.
Questions or Comments?