BBC Music Websites Are Infectious
Did your antivirus software detect the BBC 6 Music / 1Xtra driveby?
According to this VirusTotal scan, currently only 12 of the top 43 antivirus products correctly identify Tuesday's malware threat, which, at the time of writing, is still actively serving up malicious executables from IFrame tags on these popular BBC streaming sites. In cases like these, the simple act of visiting a website is sufficient to cause infection.
Kaspersky did detect this threat, which is good news for us, both at work and at home. On the other hand, we are far from complacent, noting among the failures such high-profile names as AVG, BitDefender, McAfee (all editions), Microsoft and Sophos: all companies that we have used, endorsed, and recommended to our customers and families at one time or another. Today, I can't bring myself to link to them... nor, obviously, to those BBC music websites!
Update (Feb 17): all of the above have now caught up, and the latest VirusTotal figure is 23/43.
Here is the Websense Security Labs blog entry on the attack, which identifies the malware as having been authored using the still-popular PEK toolset (Phoenix Exploit Kit, 2007).