Home / mailings WSLabs, Malicious Web site / Malicious Code: The Bill site compromise
Posted on 29 August 2007
Websense Security LabWebsense® Security Labs(TM) has discovered that the official Web site of The Bill, a popular British TV series, has been compromised and laden with malicious JavaScript code meant to infect visitors with a Trojan horse. Fortunately, the malicious code failed to launch due to what appears to be sloppy work by the intruder. The failure occurred because the code that was placed to execute, was improperly placed on the wrong section of the Web site.
We believe that these are the same perpetrators behind three similar compromises of a UN web site, a prominent bank in India and a large industry organization Web site. Websense Security Labs discovered and reported on these incidents earlier.
At this time, the malicious code is still on the Web site. However, Websense users with Websense Web Security Suite are protected from connecting to the sites hosting the malicious payload.
For additional details and information on how to detect and prevent this type of attack:
http://www.websensesecuritylabs.com/alerts/alert.php?AlertID=802