Hackers set the drive-by malware up at the BBC's 6 Music website and the BBC 1Xtra radio station website. Researchers at the insecurity outfit Websense found the exploits and put its report up on its security labs blog.
"The BBC - 6 Music Web site has been injected with a malicious iframe, as have areas of the BBC 1Xtra radio station Web site," an anonymous Websense insecurity researcher wrote.
Websense claims the injected iframe is at the bottom of the BBC 6 Music webpage and has been set up to automatically download some dodgy code from a .cc website. Apparently the hack is exactly the same on the BBC's 1Xtra website.
"If an unprotected user browsed to the site they would be faced with drive-by downloads, meaning that simply browsing to the page is enough to get infected with a malicious executable," Websense continued.
The malware was designed using a Pheonix Exploit kit and only 12 out of 43 of the top anti-virus packages found the exploit. Using Virus Total scan to see which products picked up the injected iframe, Websense showed that anti-virus scans from some outfits like Kaspersky, Symantec, PC Tools and Trend Micro picked up the hack.
However, other top name insecurity vendors like Sophos, McAfee and even Microsoft's anti-virus tools didn't register the hack at all. That is an appalling detection rate from both free and paid-for anti-virus kits and, as of yesterday, Websense reckoned the anti-virus toolkits were still vulnerable.
