NEWS FROM THE LAB - Wednesday, May 11, 2011

Pravda Hacked
Posted by Mikko @ 08:14 GMT

The English-language website of the major Russian newspaper Pravda (Правда, i.e. "The Truth") has been hacked.


No visible changes have been made to the site. Instead, the page silently loads exploit scripts that try to infect the user via vulnerabilities in Java. If successful, the visitor's computer gets hit by a bot that allows outsiders to access and use the computer.

An attack like this is particularly devious. An end user might go to the same news website every morning for years, learning to trust it. Then one day it has become dangerous and will take over their computer as soon as they open their favorite page.

Five years ago, if somebody managed to break into a major site like this, they would typically delete all content and post stupid pictures on the front page. Nowadays they make an invisible modification to the site, trying to stay undetected as long as possible, hoping to gain access to thousands of visitors' computers.

We expect the site to get cleaned shortly.