Monday, November 12, 2007

IndiaTimes website ‘attacks on Windows visitors’

Yet another reason to use Linux is here.

Indiatimes website

It looks like visitors to the IndiaTimes website are being bombarded by Malware/Trojans, some of which appear to target previously unknown vulnerabilities of Windows.

IndiaTimes is one of most popular website of India. It has a Alexa traffic rank of 483, and most of its visitors are from India.

The real bad news is that, Visitors can be infected even if they have up-to-date systems and they don't fall victim to tricks to install software or browser add-ons.

ScanSafe, was the first to detect this security problem of Indiatimes website. According to ScanSafe, Indiatimes website is directly or indirectly serving up at least 434 malicious files, many of which are not detected by antivirus software, even with up-to-date virus definitions.

ScanSafe first detected the malwares on October 25, However the Indiatimes website is still serving malwares as of now. (Sunday 11/11/2007)

According to Mary Landesman, Senior security researcher at ScanSafe,
"The end result of the compromise is that the user, going through their normal course of activities, is subject to a really massive installation of malicious files," . "Coupled with the low detection by antivirus vendors, it does put the end user in a very vulnerable position."
She urged people to avoid the site until it's been cleaned up.

All this problems happens to only Windows visitors of the website, visitors who are using Linux or Mac OS will have no trouble of whatsoever.

Current solutions:

Currently there are two solutions to avoid this problem.
  1. Avoid visiting Indiatimes website until the webmasters clean the website.
  2. Use Linux.
I would prefer to go for the second solution.


No comments: