AskMen denies trojan injection claim

Security

by Jimmy Nicholls| 25 June 2014

Lifestyle site says security firm got it wrong.

AskMen has denied that its website was silently redirecting readers to malware downloads, following a claim from Websense Security Labs.

The malicious code was said to have been injected onto the main version of the lifestyle website, having been "obfuscated" and hidden at the bottom of legitimate JavaScript on the site.

Once the redirect took place a Caphaw trojan was downloaded to the victim's computer, allowing hackers to access files, redirect internet traffic and use the machine in denial-of-service attacks, according to Websense.

Abel Toro, researcher at Websense, said: "As we can see, even very popular websites are not immune to malicious code injection attacks."

He said that the infection may have spread to thousands of unknowing readers browsing the site, which was visited by 11.6 million people during May.

Sophie Laplante, audience development manager at AskMen, said: "We've done a thorough investigation and there is no evidence of any malware.

"We take security issues very seriously and we have multiple measures in place to protect our users. We're also in contact with the vendor who purported to see evidence of an attack."

In a blog post Websense outlined the attack in detail, posting images of the allegedly malicious code and the page on which the exploit was said to take place.

Comments
Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

754 people like this.
0 people follow this.

Security Intelligence

Suppliers Directory

Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.