AskMen malware attack may have exposed thousands

Data Jimmy Nicholls

09:08, June 27 2014


Men's lifestyle site backtracks after initial denial.

AskMen has confirmed it suffered a malware injection this week, potentially exposing thousands of readers to the Caphaw trojan.

The lifestyle website found no malware on its servers during an initial sweep on June 23 and publicly denied it had been attacked, but a check the next day revealed the site had been infected.

A spokesman from the firm said: "All viruses from the site have been eliminated and we're keeping a sharp eye for similar threats going forward."

"We estimate that a very small percentage of our readers may have been exposed to the malware (approximately 0.1% of our readers)."

Security firm Websense alerted the company to the problem in a blog posted on their website, claiming that a malicious piece of JavaScript was redirecting visitors to a trojan download.

Caphaw, also called Shylock, gives hackers access to files, allows them to redirect internet traffic, and can rope machines into serving distributed-denial-of-service (DDoS) attacks on other computers and servers.

Abel Toro, researcher at Websense, said: "As we can see, even very popular websites are not immune to malicious code injection attacks."

Before AskMen's confirmation of the attack he had predicted thousands might have been infected by the malware, with the website's monthly visitors coming to 11.6 million during May.

Source: Company Press Release

get a cbr Cyber Security weekly update

Terms & Conditions & Privacy Policy.


Post a comment

Comments may be moderated for spam, obscenities or defamation.