IT security and control firm Sophos is warning computer users to be vigilant following its discovery that legitimate Web pages on the Web site of Adobe Systems were hosting malicious code that can infect visiting computers.
Sophos identified the threat, known as Mal/BadSrc-C, on the Fortune 1000 company's Vlog It support centre section - an area providing tips for video bloggers - on Friday 3 October. Despite repeated attempts by Sophos to contact Adobe about the problem, the malicious code was still present on Thursday, 16 October.
Mal/BadSrc-C is a dangerous piece of malware that spreads by infecting the PCs of unsuspecting users with SQL injection attacks which download more malicious scripts from the Net and ultimately infect victims with spyware.
“Incidents like this show once again that even established and respected companies like Adobe are not immune to the growing tide of Web-based malware attacks. These infections are insidious, meaning the most well-intentioned Internet users can be hit without knowing it," says Brett Myroff, CEO of regional Sophos distributor, Sophos South Afirca.
With over 90% of Web infections now found on legitimate sites, companies need to take control to avoid putting potential customers at risk. "Organisations need to ensure that their Web sites are properly coded and that security is in place to stop these kinds of attacks.”
Sophos recommends that all businesses ensure their Web sites are fully defending against attacks, including spam, phishing and malware, and that all vulnerabilities are patched.
For more information, please visit: www.sophos.com/security/blog/2008/10/1863.html
Share
Sophos South Africa
NetXactics, trading as Sophos South Africa, is a South African-based company focused on the provision of security solutions. It is the Master Distributor for UK-based Sophos Plc, one of the leaders in the provision of network access control and endpoint, e-mail and Web security, and control solutions for the corporate environment. For more information, visit Sophos South Africa at www.sophos.co.za.
Sophos
Sophos enables enterprises worldwide to secure and control their IT infrastructure. Our network access control, endpoint, Web and e-mail solutions simplify security to provide integrated defences against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, we protect over 100 million users in nearly 150 countries with our reliably engineered security solutions and services. Recognised for our high level of customer satisfaction, we have an enviable history of industry awards, reviews and certifications. Sophos is headquartered in Boston, MA and Oxford, UK.
Editorial contacts