The Latest in IT Security

India’s DNA e-newspaper website infected with fake antivirus campaign


DNA (Daily News and Analysis) is an Indian daily English language newspaper. According to Wikipedia, DNA ranks 8th among the top ten English dailies in India. Recently, the Zscaler solution was blocking access to this site, as it contained malicious content. Here is the homepage of this website:
The ‘Today’s E-newspaper’ link (circled above) is an online version of the printed periodical. We discovered that one of the pages from this e-newspaper site was infected with malicious script. Here is the screenshot of that page:
The malicious script tag had been inserted in plain text as can be seen in this screenshot of page

The malicious script tag directs the victim’s browser to ‘hxxp://’. This page then redirects the user to another malicious site (‘hxxp://,), which will again redirect victim to random sites hosting fake antivirus campaigns. Here is the screenshot displaying a fake malware alert:

As usual, page employs social engineering tactics, which display fake warning messages and threat names to scare the victim into downloading a fake AV product. The VirusTotal result for the downloaded binary currently shows only 10/43 AV engines detecting this particular attack. Here we have yet another example of a legitimate and popular websites being infected so that the attacker(s) can impact a significant number of victims.


Leave a reply



Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments