Slashdot Mirror

← Back to Stories (view on slashdot.org)

BBC Site Used as IE Attack Lure

Posted by ryuzaki0 on from the reads-good-enough-to-be-true dept.

capt turnpike writes "The hits just keep coming... according to eWEEK.com, someone is using actual excerpts of BBC news stories to 'launch drive-by downloads of bots, spyware, back doors and other Trojan downloaders.' One example is a story blurb masking the download and installation of a keylogger -- with no user interaction. And it doesn't even tell you it loves you."

3 of 83 comments (clear)

  1. eWeek is retarded... by ninja_assault_kitten · · Score: 3, Insightful

    "The hits keep coming in..." Yeah, 1 every hour. The media wants to make this the most critical vulnerability that ever existed. What a joke.

  2. Erm, why is this a story? by baldass_newbie · · Score: 5, Insightful

    I mean, a known bug is exploited and it's using quoted text from the BBC site.
    If they do it again tomorrow with text from nytimes.com would that be another story?

    --
    The opposite of progress is congress
  3. What harm in bundling the browser? by chill · · Score: 4, Insightful

    So, what harm is there in bundling the browser with the OS shipped on 90% of the retail PCs in the world? What harm is there in integrating the browser into the core of the operating system?

    Apparently, if you bundle a half-ass product where only lip service was paid to security, the cost is greater than anyone realizes. IE was crammed in there with the sole purpose of crushing Netscape and dominating the Internet market. It was rushed, with slipshod quality and security only as an afterthough -- and that only by the PR department.

    "Where do you want to go today?" seems to have found an answer... ...let's stop by your bank and credit card accounts on the way to an organized crime hangout and/or third-world country! Fun!

      -Charles

    --
    Learning HOW to think is more important than learning WHAT to think.