In this section

• Home
• Security
• SophosLabs blog
• 2008
• 04

• Analyses
• SophosLabs
• SophosLabs blog
• Spyware and adware
• Top 10 malware
• Hoaxes
• Technical papers
• Email notification
• Best practice
• White papers
• Web seminars
• Podcasts
• Hot topics

4 April 2008 11:32 GMT

Learning Wales gets you infected

Last month we reported a high profile site infected with Troj/Badsrc-A. Looking through the feedback we get from the WS1000 web appliance, we have seen some more high profile infected sites.

As I write the website is still infected. SophosLabs doesn’t recommend visiting it.

The source of this page shows the attack:

The attack site and script have been obfuscated (the last three x’s are ‘uck’). The domain pointed to by this attack seems to be down. However, the existence of this malicious script suggests other more serious issues on this server.

We have tried contacting the sites owner’s and are currently awaiting a response.

Pob, SophosLabs, UK

• Bookmark with del.icio.us
• Submit this story to digg
• Submit this story to slashdot