Indiatimes.com infecting computers

Status
Not open for further replies.
S

sunbiz_3000

Discoverer
The ScanSafe Blog mentions that the popular Indian website, Indiatimes.com has pages that are installing malicious code into computers that are visiting its webpages.

From the ScanSafe Blog:
The installed malware included a cocktail of downloader and dropper Trojans, assorted other malicious binaries, and large amounts of scripts, cookies, and other non-binaries. We ran some of the binaries through VirusTotal and looks like overall detection among signature-based antivirus vendors is low. Given the nature of the downloaded files, it appears the malware may be intended to create sites used to attack others or that there may be some malicious peer-to-peer or other filesharing/communication purpose.

There is no clear indication on which pages have been affected, but they say not every page is infected. The attack is basically done using some unknown vulnerability in windows. Microsoft has been asked to look into the report and is yet to give any reaction. Also, which browsers are affected have not been listed, but it seems like IE should be affected since some binaries are installed and activeX seems to be the common way to do it. But other scripts may also be working. ScanSafe advises all the users not to visit the webpage until a fix announcement is made by Indiatimes.com.

All this malicious activity is going unnoticed because a lot of antiviruses are unable to detect the signatures of the malicious code. Which means that many of you already have been infected if you visited Indiatimes.com recently.
Click to expand...
Source:Sunny Talks Tech: Indiatimes.com infecting computers
 
Params7 said:
O_o

lol. They've got better things to worry about.

Firefox ftw!
Click to expand...

I cant second that,, it seems that the recent version of firefox had lot of problems with respect to Memory leaks... i dont know whether they have solved it in the recent release :huh:
 
i have been surfing indiatime 10 times a day brother but i don't think that its really infecting the pc's . My pc i running clear as of now and i have done the scannign too...check out where the real problem is or just send me the links for the pages that are installing that code...i have norton systemworks 2007 installed on my pc...
 
Useless report..

..we think something bad happened..or may happen.

..but we have no more details.
 
tusharrastogi said:
i have been surfing indiatime 10 times a day brother but i don't think that its really infecting the pc's . My pc i running clear as of now and i have done the scannign too...check out where the real problem is or just send me the links for the pages that are installing that code...i have norton systemworks 2007 installed on my pc...
Click to expand...

If you've been using IE and gone into one of the infected pages, then you may have got the stuff and not even realized... Quite a lot of antiviruses are unable to detect the virus.. If you use Ghost or some other monitoring tool, you'll see a lot of files & cookies that earlier werent there are in from indiatimes.com

Also, its a vulnerability in IE or Windows is yet to be determined... It could have larger implications, but since its an Indian website, not too many people from around the world are looking into it!!
 
Status
Not open for further replies.
Top Bottom