Cybersecurity
On a quick tip from a The Hacker News reader - Travis, we came to know about that some antivirus giving warning when readers try to visit Bloomberg's Businessweek website ( businessweek.com ) that the site is infected with malware and trying to drop a malware on visitor's system. Website having very high alexa rank, that means it server updates to millions of daily visitors. Most obvious that Bloomberg's site was hacked and then hacker was able to inject the script to infect visitors of site.

After exploring the site, I found that some "Under Maintenance" pages like ( hxxp://bx.businessweek.com/photos/spham708_medium.jpg ) of Businessweek website having injected iframe that trying to open a remote page uploaded on a italian website as shown below:

The Hacker News

Injected URL : hxxp://www.lamiabiocasa.it/class/cls-memcache.php ( Do not open this page ).

We have another news from other sources that, recently around hundreds of italian websites was got hacked silently and hacker inject similar malware on those sites. On a quick search, I found that in last 24 hours Sucuri Malware Labs identified 126 websites that are compromised and serving malware from above listed site ( i.e. lamiabiocasa.it )
The Hacker News


File "cls-memcache.php" which is injected behind the Bloomberg's Businessweek site have been deleted now from the italian server just few hours before but their website have the iframe still on the site.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.