BBC hit by drive-by-download malware exploit
Yesterday Websense announced in a blog post that it had discovered malware on the BBC's 6 Music and 1Xtra radio streaming sites. That's the second such episode in six months, as the BBC Radio 3 site had a similar incident in September of 2010. These incidents illustrate the importance of the drive-by-download as a threat. The large number of sites and pages available to your browser user creates a huge attack surface to exploit. Even an organization like the BBC, which certainly has resources and expertise in the area of web development, can be hit. Our approach to solving the problem is proactive scanning for web site malware distribution. An automated daily scan can identify these attacks right away and make it possible for site administrators to take them down quickly before more harm is done. In addition to limiting the distribution of malware to innocent site visitors, it also has the opportunity to avoid embarassing situations like the malware incidents we saw last year from Network Solutions, Go Daddy, and TechCrunch.