PBS Website Compromised, Used to Serve Exploits

Some sections of the popular PBS.org Web site have been hijacked by hackers serving up a cocktail of dangerous exploits.

According to researchers at Purewire, attempts to access certain PBS Web site pages yielded JavaScript that serves exploits from a malicious domain via an iframe.

The malicious JavaScript was found on the “Curious George” page that provides content on the popular animation series.

A look at the code on the hijacked site shows malicious activity coming from a third-party .info domain.

The URL serves exploits that target a variety of software vulnerabilities, including those in Acrobat Reader (CVE-2008-2992, CVE-2009-0927, and CVE-2007-5659), AOL Radio AmpX (CVE-2007-6250), AOL SuperBuddy (CVE-2006-5820) and Apple QuickTime (CVE-2007-0015).

Purewire said the exploit site is part of a malware campaign that includes tens of similar Web sites hosted off of a handful of common IP addresses.

Read the Purewire blog for more information on this attack.

A representative for PBS.org tells me the malicious code has been removed from the site.