For nigh on a week, the internet hollered at Reader’s Digest to remove malware from its website, to no apparent response . The attack consists of a malicious script injected within compromised WordPress sites that launches another URL whose final purpose is to load the Angler exploit kit. Site owners that have been affected should keep in mind that those injected scripts/URLs will vary over time, although they are all using the same pattern (see IOCs below for some examples). The website of popular magazine Reader’s Digest is one of the victims of this campaign and people who have visited the portal recently should make sure they have not been infected. The payload we observed at the time of capture was Bedep which loaded Necurs a backdoor Trojan, but that of course can change from day to day. Dan Goodin got exasperated: Hey Reader’s Digest: Your site has been attacking visitors for days . Reader’s Digest has been infected since last week with code originating with Angler, an off-the-shelf hack-by-numbers exploit kit that saves professional criminals the hassle of developing their own attack scripts, researchers from antivirus provider Malwarebytes told Ars. People who visit the site with outdated versions of Adobe Flash, Internet Explorer, and other browsing software are silently infected with malware that gains control over their computers. Malwarebytes researchers said they sent Reader’s Digest operators e-mails and social media alerts last week warning the site was infected but never got a response. The researchers estimate that thousands of other sites have been similarly attacked in recent weeks and that the number continues to grow. 1. If you would like an ill-informed passive-aggressive quip, go to 2 . If you would like earnest outrage, go to 3 . If you would like to hear the voice of reason that really isn’t, go to 4 . 2. What give$, Readers Digest? 3. They’re probably being paid to do it, isn’t that disgusting? 4. Guys, it’s Readers’ Digest. They’re all 120 years old and have no idea what a website is or why they have one.
View original post here:
Why wouldn’t Reader’s Digest remove malware from its website?