On a quick tip from a The Hacker News reader - Travis, we came to know about that some antivirus giving warning when readers try to visit Bloomberg's Businessweek website ( businessweek.com ) that the site is infected with malware and trying to drop a malware on visitor's system. Website having very high alexa rank, that means it server updates to millions of daily visitors. Most obvious that Bloomberg's site was hacked and then hacker was able to inject the script to infect visitors of site.

After exploring the site, I found that some "Under Maintenance" pages like ( hxxp://bx.businessweek.com/photos/spham708_medium.jpg ) of  Businessweek website having injected iframe that trying to open a remote page uploaded on a italian website as shown below:


Injected URL : hxxp://www.lamiabiocasa.it/class/cls-memcache.php ( Do not open this page ).

We have another news from other sources that, recently around hundreds of italian websites was got hacked silently and hacker inject similar malware on those sites.  On a quick search, I found that in last 24 hours Sucuri Malware Labs identified 126 websites that are compromised and serving malware from above listed site ( i.e. lamiabiocasa.it )


File "cls-memcache.php" which is injected behind the Bloomberg's Businessweek site have been deleted now from the italian server just few hours before but their website have the iframe still on the site.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.