TechCrunch Europe has cleaned up its website following the discovery of malicious code that left visiting surfers exposed to infection by a variant of the infamous Zeus banking Trojan.

Malign script on eu.techcrunch.com attempted to serve up a malicious PDF file to readers of the news blog. The problem stemmed from a malicious iFrame in a JavaScript file that was used by the site as part of its WordPress blogging software installation.

TechCrunch responded to reports of the problem by purging the nasty code from its site, as explained in a blog post by Sophos (here) and Trend Micro. ®

Related stories

• WordPress swiss cheese vuln situation sorted (2 December 2010)
• Analysis Zeus botnet raid on UK bank accounts under the spotlight (11 August 2010)
• Botnet that pwned 100,000 UK PCs taken out (4 August 2010)
• Botnet with 60GB of stolen data cracked wide open (2 August 2010)
• Zeus bot latches onto Windows shortcut security hole (27 July 2010)
• Zeus spyware pretends to be Royal Mail PDF (16 April 2010)