Nidhi Shah, a research scientist at Purewire told SCMagazineUS.com, “It’s not clear how how hackers were able to break into the site, but it is possible that they obtained the credentials to an FTP account or exploited an SQL injection vulnerability.”

The exploit manifested as a pop up for visitors to authenticate their session with a username and password before viewing the site contents. When users canceled the message screen or entered the wrong credentials, an error page informed them that they had failed to login properly. That error page contained JavaScript code which loaded malware from an exploit site targeting a number of known software vulnerabilities in Adobe Acrobat Reader, AOL Radio AmpX and SuperBuddy and Apple QuickTime. Any user not patched against these bugs received the malware.

It’s undetermined how many people encountered the attack, but Kevin Dando, director of digital and education communications at PBS believes the exposure to be very low since PBS has not received complaints. Mr. Dando told SCMagazineUS.com that internal triggers had alerted them to the situation. They  addressed it quickly, and that the situation has been completely fixed as of last Friday.

In his closing comments, Mr. Dando warned “that this incident should serve as a reminder that any system can potentially be exposed to infection, and service providers must remain vigilant against threats and be prepared to act aggressively and be ready with pre-established procedures.”

“In 2009, we see three key trends that could impact IT security – a continued explosion of new malware variants, advanced web threats, and an uptick in threats related to social networking sites.” Mr. Salem reinforced that “cybercriminals are more sophisticated and driven than ever, and they operate in an increasingly profitable underground economy that makes it easy for them to not only buy and sell stolen information such as credit card data or even identities.”

Data from Symantec’s Global Intelligence Network indicates we have reached the point where there are more malicious programs created than legitimate programs every day, and that cyber attackers leverage vulnerabilities fueled by application code. Hackers compromise specific (often open source) websites, and then use them as a means for launching other attacks across the internet.

Hosting websites in a secure environment helps prevent malicious hackers from breaching files and applications and stealing confidential information, but you can to more to protect your identity. Partnering with a web host who also has expertise in website security is critical. FireHost’s team of security engineers works directly with clients to help identify and close vulnerabilities in programming and design that hackers can use to exploit your company.

To learn more about how we help remedy JavaScript and open source vulnerabilities, visit our Services page.