Hackers exploit major publication’s Web site vulnerability

Hackers have attacked BusinessWeek's Web site in a bid to infect its readership with malware, according to Sophos.

Hundreds of web pages in a section of the weekly magazine's Web site were affected, the IT security firm said. The section contains information about where MBA students might find future employers.

According to Sophos, the hackers used an SQL injection attack, which exploits a vulnerability to insert malicious code into the Web site's underlying database. Last week, Sophos informed BusinessWeek of the infection, which peppers pages with code that tries to download malware from a Russian web server.

"It's worrying when any site suffers from a malicious SQL injection attack, but when it's also one of the 1,000 busiest Web sites on the internet, the stakes are even higher," said Graham Cluley, senior technology consultant at Sophos.

Cluley noted that the potentially large number of people visiting the site and accessing career information may be putting their finances or personal data at risk if they are not properly protected.

Increasing attack rate

Earlier this year, Sophos reported that it identified some 16,000 new infected web pages every day. Ninety per cent of these were on legitimate sites like BusinessWeek that had been hacked.

The IT security firm said that it currently discovers a new malicious web page every five seconds, three times faster than the rate seen last year.

While the Russian Web site is currently down and not delivering further malicious code against BusinessWeek, the attack could be revived at any time, according to Sophos.

"BusinessWeek and many other firms hit by SQL injection attacks need to move fast to not only remove the malicious scripts, but also to ensure that they do not get infected again," Cluley said. "Companies whose Web sites have been struck by such an attack often clean up their database, only to be infected again a few hours later."

Cluley said that all web surfers need to ensure that visited pages are scanned for dangerous code. "That's because an increasing number of sites are being discovered each day hosting malware."