Feeds

Gizmodo says sorry for malware suckerpunch

Staff on Macs late to spot hack

Securing Web Applications Made Simple and Scalable

Tech blog Gizmodo has been suckerpunched by cyber scoundrels, who placed malware-loaded web ads on the site.

Gizmodo is the latest online publication to have been targeted by villainous hackers. The site coughed to the nasty scam and issued an apology today.

“Guys, I'm really sorry but we had some malware running on our site in ad boxes for a little while last week on Suzuki ads,” wrote Gizmodo’s Brian Lam. “They somehow fooled our ad sales team through an elaborate scam. It's taken care of now, and only a few people should have been affected, but this isn't something we take lightly as writers, editors and tech geeks.”

Lam added that staffers at Gizmodo, which is owned by Gawker Media, might’ve spotted the malware sooner but for the fact that everyone uses Mac OS X or Linux machines.

“Everything should be cleared up but you should be checking ‘qegasysguard.exe’ if you're experiencing random popups,” he said. “Be careful, load up some antivirus and make sure your system is clean. I'm sorry.”

A similar scam fooled the New York Times into hosting malware on its homepage in September this year.

Just yesterday, The Guardian newspaper’s jobs website warned 500,000 users that hackers may have got hold of private information held on the site after a "sophisticated and deliberate" attack.

Anti-virus powerhouse Sophos was quick to issue a statement about the latest high-profile hack to strike, er, hacks.

"By hitting one of the biggest blogs in the world, these hackers are aiming high," said Sophos tech guru Graham Cluley. "Their plan was to infect as many computer users as possible with their malicious adverts.

"They know Gizmodo gets a huge amount of traffic - once they infected the site through their adverts they could just lie in wait for their victims to visit.

“What is particularly audacious about this plot is that the criminals appear to have posed as legitimate representatives of Suzuki in order to plant their dangerous code on Gizmodo's popular website." ®

The smart choice: opportunity from uncertainty

More from The Register

next story
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.