Feeds

Digital Spy fights second malware attack

Oops we did it again

The Power of One eBook: Top reasons to choose HP BladeSystem

Updated Celebrity and TV gossip website Digital Spy has confirmed reports that its subscribers outside the UK have been exposed to malware. The latest reported outbreak follows an earlier malware infestation, later traced to tainted banner ads, that hit the site only six weeks ago.

Digital Spy is a high-traffic website frequented by surfers gorging on information about celebrity shenanigans and reality TV programmes. As with the previous attack, news that the site might be serving up malware surfaced via posts on Digital Spy's forum.

Subscribers reported warnings from their anti-virus scanner and hijacked connections, re-routing them via dating sites, among other examples of weird behaviour.

In response, Digital Spy issued a statement explaining that untoward content had been served up to US And Australian visitors but was now blocked. It said that the attack stemmed from an advertising exchange and was not confined to Digital Spy alone.

Our advertising operations team were able to successfully reproduce the issues raised by three of our visitors from America and Australia and put into place our new procedures to shut the malware-infected creatives down immediately.

We have been informed by our advertising exchange supplier that other websites operating in these territories experienced the same problem. This attack was, sadly, not confined to Digital Spy.

We are taking this incident, which did not affect our UK traffic, extremely seriously.

Digital Spy is a global website and our international business is very important to us. We expect the same guarantees of safety for UK and non-UK visitors alike and are appalled that despite the implementation of all practical safeguards within our own procedures - which resulted in a swift removal of the problem from our pages - a third party was able to attack us for a second time.

We are instituting a full review of our advertising arrangements and are engaging with the advertising industry, as a global publisher, to find a solution to this worldwide problem.

Attacks such as these have the potential to harm users, publishers and advertisers alike, damaging the internet's entire content delivery ecosystem. They must not be permitted to continue.

Digital Spy users were last exposed to malware via malicious banner ads that appeared in early June in an attack ultimately geared towards distributing rogue security software (AKA scareware). The site pledged to change its procedures following the incident. It's fair to say the site responded far more promptly to concerns in its forums this time around. Nonetheless, the latest incident still raises troubling questions about the overall security of the site. ®

Designing a Defense for Mobile Applications

More from The Register

next story
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
Putin: Crack Tor for me and I'll make you a MILLIONAIRE
Russian Interior Ministry offers big pile o' roubles for busting pro-privacy browser
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.