AskMen malware attack may have exposed thousands

Security

by Jimmy Nicholls| 27 June 2014

Men's lifestyle site backtracks after initial denial.

AskMen has confirmed it suffered a malware injection this week, potentially exposing thousands of readers to the Caphaw trojan.

The lifestyle website found no malware on its servers during an initial sweep on June 23 and publicly denied it had been attacked, but a check the next day revealed the site had been infected.

A spokesman from the firm said: "All viruses from the AskMen.com site have been eliminated and we're keeping a sharp eye for similar threats going forward."

"We estimate that a very small percentage of our readers may have been exposed to the malware (approximately 0.1% of our readers)."

Security firm Websense alerted the company to the problem in a blog posted on their website, claiming that a malicious piece of JavaScript was redirecting visitors to a trojan download.

Caphaw, also called Shylock, gives hackers access to files, allows them to redirect internet traffic, and can rope machines into serving distributed-denial-of-service (DDoS) attacks on other computers and servers.

Abel Toro, researcher at Websense, said: "As we can see, even very popular websites are not immune to malicious code injection attacks."

Before AskMen's confirmation of the attack he had predicted thousands might have been infected by the malware, with the website's monthly visitors coming to 11.6 million during May.

Comments
Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

746 people like this.
0 people follow this.

Security Intelligence

Suppliers Directory


See more
Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.