Open Source Adapted Bicycle Pedal Comes to the Rescue
Accessibility has always been important to designers of open source software. Now that open source has come to design, that's more true than ever, as demonstrated with this open source bicycle
Linux Action Show to End Eleven-Year Run at LFNW
Six more episodes before the popular Linux podcast, Linux Action Show, ends its nearly 11-year run in a live broadcast from LinuxFest Northwest.


Jupiter Broadcasting's long-running
Dealing With Real-Life, Everyday Security Threats
No one has ever been shot by a hacker who was breaking into their computer through the Internet. Not so for thieves coming in through the back door.

Roblimo's Hideaway

I wrote a piece
Four Things a New Linux User Should Know
When you move from "that other operating system" to Linux, you're going to find that in most ways you'll be in familiar territory. However, that's not always the case. We sometimes do things a little differently
The Future of Desktop Ubuntu
With all the changes happening at Canonical, you might wonder what this means for the future of desktop Ubuntu, besides the return to the GNOME desktop.

There hasn't been this much news about a single Linux distro
Libreboot Reorganizes: Seeks to Make Amends
It appears the people developing Libreboot have done some of the hard work necessary to fix potentially toxic personal dynamics after last year's controversy, when the project removed itself from the
It's Windows Time in Linux Land Again
Using Windows. What a horrible thing to ask a Linux user to do.
February 13th, 2013

Avast AV Finds Malware On LA Times Website

This morning the Prague based antivirus company Avast! pushed notification to it’s subscribers of the presence of malware on the LA Times website. The notification came by way of a link to a blog on the antivirus company’s site delivered with the morning’s virus signature update. According to the blog’s writer, Brian Krebs, the Times site has been affected for about a month and a half. The problem is not site wide and only affects visitors to a small section of the site:

“…Fortunately for most of the users, only one of the low-profile websites was infected, so the assumed number of the infected people is not really high. But! I checked yesterday’s stats, then day-before-yesterday and the result was a bit of shocker! We have consecutive reports of malicious iframes on their sub-site from 23rd of December and it is still working there while I’m writing this blog.”

The malware redirects visitors to another server where a Black Hole kit attempts to infect the visitor’s computer using various browser exploits. According to the blogger, Avast’s records indicate that only about a third of its customers have their browsers’ security completely up to date.

Evidently, this malware uses sophisticated methods to avoid detection, which is probably why it’s been able to remain in place for so long without being discovered by the IT guys at the Times:

“Because we were getting both the clean replies and also the replies with the malicious iframe inserted … , we’re pretty sure we’re seeing the HTTP server with installed malicious module, which changes the file on the fly – they’re unmodified on the disk so that the admins see only clean files and uploading ‘verified clean’ file would not fix anything.”

This blog report is dated February 8–five days ago. At the time, the writer indicated he was having trouble contacting a live human being with the Times in order to notify them of the situation. On February 11, which was Monday, Avast indicated on their Facebook page that they were still trying to contact someone at the Times.

The Los Angeles Times is the fourth largest newspaper by circulation in the United States. According to the Alexa web ranking service, it’s the seventh most visited newspaper site globally.

The following two tabs change content below.
Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

Latest posts by Christine Hall (see all)

Comments are closed.