Serious Badsrc malware magic

Filed Under: Malware, SophosLabs

At the end of last week SophosLabs discovered that Adobe's website was linking to a site infected with Mal/Badsrc-C. The infection had been encountered by a business partner of ours who - thankfully - had been defended from the infection by our security software.

Digging deeper, we discovered that the infected site was actually now part of the Adobe empire following an acquisition in October 2006. Some of the infected webpages have subsequently been rebranded but the underlying databases serving the site are still riddled with infections.

tutorial.jpg

Sophos has been trying to contact Adobe since Friday to advise them of the problem, and at the time of posting have received no response.

Several of the papers at the Virus Bulletin Conference earlier this month touched on the problems due to web-based malware and some of the slides are now available (here).

The threat from web-based malware is increasing by the day and the fact the it can happen to companies as large as Adobe should make all web admins sit up and take notice.

NOTE: Last night Adobe contacted us and indicated that the issue had been resolved. I can confirm that the issue has been resolved.

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s