Somerset County Council website victim of Blackhat SEO and malware injection

Filed Under: Malware, SophosLabs, Vulnerability

Sophos users over the past few months may have noticed that they haven't been able to access parts of the Somerset Information Exchange (SiX) due to instances of Mal/Badsrc-C on the site.

The problems for the SiX microsite, hosted on somerset.gov.uk, is larger than just malicious SCRIPT tags on pages. The site also has injected Blackhat SEO code on the main site:

The insurance area on the site is riddled with injected scripts:

Everyday, SophosLabs see thousands of infected websites, including .gov websites from around the world. We have procedures in place to initiate contact with the owners to help combat web threats. Unfortunately, not everyone listens.

, , , ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s