A web security service called ScanSafe has investigated the Times of India website (note that I’m not providing a link), and discovered that its advertising is stuffed with advanced Adware and Malware (thanks, Voiceinthehead):
Visitors to the IndiaTimes website are being bombarded by malware, some of which appear to target previously unknown vulnerabilities in Windows, a security researcher warns.
In all, the English-language Indian news site is directly or indirectly serving up at least 434 malicious files, many of which are not detected by antivirus software, according to Mary Landesman, a senior security researcher at ScanSafe. She said at least 18 different IP addresses are involved in the attack.
“The end result of the compromise is that the user, going through their normal course of activities, is subject to a really massive installation of malicious files,” she told us. “Coupled with the low detection by antivirus vendors, it does put the end user in a very vulnerable position.”
Visitors can be infected even if they have up-to-date systems and they don’t fall victim to tricks to install software or browser add-ons, she said. She urged people to avoid the site until it’s been cleaned up. (link)
A slightly more technical version of the report is at the ScanSafe website, here.
Frankly, I find it appalling that a “respectable” news agency would be using these tactics, and I won’t be linking to the TOI in any blog post unless and until I hear that this has been stopped. I also hope the report gets picked up by the general Indian news media, and TOI is called to account. This is simply not a business policy that is entered into by accident — somebody at The Times of India had to knowingly enter into agreements with these Malware vendors to begin with. (If this were a U.S. company, you can bet there would be a class-action lawsuit by users forced to waste time and money cleaning up their computers.)
One qualification: I’m a little unsure about how much of a danger this really is to people who are running Windows Vista, Windows XP SP2, or computers with good spyware protection — ScanSafe may be magnifying the danger a little to drum up business.
That said, there are still plenty of people out there who are running Windows XP without the SP2 upgrade, who are especially vulnerable. One such person was me, until recently, and it became an issue when my mother-in-law was using our old desktop a bit when she was staying with us a few months ago. She likes the Indian news sites, and one day I came home to find that the old desktop was essentially rendered useless by a virtually unfixable malware infection [yes, even if you get into the Registry Keys and what not]. I was forced to reinstall Windows — though this time I made sure to update it to SP2, and haven’t had a problem since.
I don’t know for sure whether it came from The Times of India, or another site. Does anyone else have experience with Spyware/Adware/Malware infections from respectable Indian news websites?
My computer has been infected with advanced malware and viruses several times in the last few months. The first time I didn’t realize how I got it. The second time, my computer started acting funny right after I clicked on a video link on the timesofindia website. I had Norton antivirus software on my computer but that didn’t prevent the virus attack. I figured I wouldn’t click on video links on their site and would just read the news articles. Well, last friday after I read some articles on their site (no videos) I noticed that the computer was acting up again. Norton didn’t detect anything nor did another malware software. But by Monday, my computer had become so badly infected that I had to have the computer reimaged AGAIN. Fortunately, my data was safe but it was a serious waste of time for me and for the IT folks who had to reimage my machine twice within a span of a few months. STAY AWAY FROM THIER SITE
The hindustantimes.com is also hoisting such malware.