DuckDuckGo Ups Ante: Gives $300K to 'Raise the Standard of Trust'
For the seventh year in a row, the search engine that promises not to stalk your online moves puts its money where its mouth is, this year by donating $300,000 to organizations that
System76 Saying Goodbye to Bland Design
Considering that System76 chose to unveil its new design plans to The Linux Gamer -- no invite went to FOSS Force, BTW -- we can't help but wonder if a System76 Steam Machine isn't in the works.

The Screening
The Great Debian Iceweasel/Icedove Saga Comes to an End
Now that Thunderbird is back in the Debian repositories, the decade long dispute that led to all Mozilla products in Debian being rebranded has ended.

The hatchet is finally completely
Back Yard Linux
It's not as lonely being a Linux user as it once was. These days you're liable to find people throughout your neighborhood using Linux.

My how times have changed.

It wasn't long ago that Linux
No, Evil Hackers Aren't After You
Humankind has outgrown the need to have monsters hiding under our beds. Now we let them hide in our phones, computers and microwave ovens.

Roblimo's Hideaway

OMG! I think I see a giant camera lens on
Should the U.S. Army Have Its Own Open Source License?
Should the U.S. armed forces begin releasing software under an OSI approved open source license rather than as public domain?

Roblimo's Hideaway

This question has generated many pixels'
GitHub CEO Chris Wanstrath on Open Source
Did you know that the software Stephen Hawking uses to speak is open source and that it's available on GitHub? Neither did we.

The Screening Room

At the Computer History museum, GitHub CEO Chris
February 13th, 2013

Avast AV Finds Malware On LA Times Website

This morning the Prague based antivirus company Avast! pushed notification to it’s subscribers of the presence of malware on the LA Times website. The notification came by way of a link to a blog on the antivirus company’s site delivered with the morning’s virus signature update. According to the blog’s writer, Brian Krebs, the Times site has been affected for about a month and a half. The problem is not site wide and only affects visitors to a small section of the site:

“…Fortunately for most of the users, only one of the low-profile websites was infected, so the assumed number of the infected people is not really high. But! I checked yesterday’s stats, then day-before-yesterday and the result was a bit of shocker! We have consecutive reports of malicious iframes on their sub-site from 23rd of December and it is still working there while I’m writing this blog.”

The malware redirects visitors to another server where a Black Hole kit attempts to infect the visitor’s computer using various browser exploits. According to the blogger, Avast’s records indicate that only about a third of its customers have their browsers’ security completely up to date.

Evidently, this malware uses sophisticated methods to avoid detection, which is probably why it’s been able to remain in place for so long without being discovered by the IT guys at the Times:

“Because we were getting both the clean replies and also the replies with the malicious iframe inserted … , we’re pretty sure we’re seeing the HTTP server with installed malicious module, which changes the file on the fly – they’re unmodified on the disk so that the admins see only clean files and uploading ‘verified clean’ file would not fix anything.”

This blog report is dated February 8–five days ago. At the time, the writer indicated he was having trouble contacting a live human being with the Times in order to notify them of the situation. On February 11, which was Monday, Avast indicated on their Facebook page that they were still trying to contact someone at the Times.

The Los Angeles Times is the fourth largest newspaper by circulation in the United States. According to the Alexa web ranking service, it’s the seventh most visited newspaper site globally.

The following two tabs change content below.
Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

Comments are closed.