Serious Badsrc malware magic

At the end of last week SophosLabs discovered that Adobe’s website was linking to a site infected with Mal/Badsrc-C. The infection had been encountered by a business partner of ours who – thankfully – had been defended from the infection by our security software.

Digging deeper, we discovered that the infected site was actually now part of the Adobe empire following an acquisition in October 2006. Some of the infected webpages have subsequently been rebranded but the underlying databases serving the site are still riddled with infections.


Sophos has been trying to contact Adobe since Friday to advise them of the problem and, at the time of posting, has received no response.

Several of the papers at the Virus Bulletin Conference earlier this month touched on the problems caused by web-based malware, and some of the slides are now available (here).

The threat from web-based malware is increasing by the day, and the fact that it can happen to companies as large as Adobe should make all web admins sit up and take notice.

NOTE: Last night Adobe contacted us and indicated that the issue had been resolved. I can confirm that the issue has been resolved.