# Hindustantimes.com hosting malware !



## pauldmps (Dec 16, 2010)

I generally open up Google News (news.google.co.in) to get all the latest news. Recently, from about 3-4 days, my antivirus alerts me of a malware "Trojan:Win32/FakeSysdef" whenver I open any news article on the site "www.hindustantimes.com" 

The following things happen.

1. As I open any link at Hindustan Times site, the "Java" icon pops up in the system tray. This means that some Java applet must be running.

2. My antivirus software detects malware "Trojan:Win32/FakeSysdef" (Microsoft malware encyclopedia entry here: Encyclopedia entry: Trojan:Win32/FakeSysdef - Learn more about malware - Microsoft Malware Protection Center)



The first time, my computer got infected with the malware & I had to manually remove it. Once, my antivirus also detected some "Exploits" as soon as I opened any page of the above mentioned site.

I think the site is being exploited without the knowledge of the owners as Hindustan Times is a reputed media agency. I don't know where else to complian about it, so I posted here. I even sent an e-mail to Hindustan Times but there was no reply. 

Did anyone experience such problem recently ?


----------



## PraKs (Dec 16, 2010)

Can you share the URL where you have this pop up from MSE ?


----------



## pauldmps (Dec 17, 2010)

^^I think any of the pages in the site would do. But if you still insist :

China diplomatic on 26/11, Pakistan terror camps - Hindustan Times

Be wary that all of these is random. The same page when opened the second time did not cause any pop-up in the antivirus.

Warning :- Click the link on your own risk.

Bump.............

Did anyone find anything ?


----------



## jit (Dec 27, 2010)

i have been getting my pc infected -- first with Smart HDD malware, other malwares which take over the pc and do not even allow you to start task master. took me long time to figure out its coming from hindustan times website.

The time line matches with what is reported above after 16 Dec 2010.


----------



## pauldmps (Dec 27, 2010)

At least one person confirmed this. 

Weirdly enough, there has been no much outrage about it on the internet.

However I could find this: Shoot First, Mumble Later: Hindustan Times: Thanks for the virus

Also news reports emerge of Indiatimes.com site too doing the same. I don't use that site so can't say. Again the timesofIndia also reportedly hosting malware.

TimesOfIndia.com Has Advanced Adware/Malware - Sepia Mutiny
IndiaTimes website 'attacks visitors' ? The Register


----------



## pauldmps (Jan 1, 2011)

UPADTE: Again today, I was bombarded with malware infection 3 times after visiting a single page of hindustantimes.com.

The threat as detected by MSE is  Backdoor:Win32/Cycbot.B

Encyclopedia entry: Backdoor:Win32/Cycbot.B - Learn more about malware - Microsoft Malware Protection Center 

*i54.tinypic.com/2a94hfp.jpg
*i51.tinypic.com/292tfg1.jpg


----------



## paroh (Jan 2, 2011)

i am using free edition of avast and comodo firewall but there is no problem with me on hindustantimes.com.
If u still having the problem i think u should mail or give a feedback report to hindustan times


----------



## ico (Jan 2, 2011)

Use Linux.


----------



## PraKs (Jan 2, 2011)

It seems, its only MSE which is giving all these virus alerts.


----------



## pauldmps (Jan 3, 2011)

PraKs said:


> It seems, its only MSE which is giving all these virus alerts.



Do you mean they are fake alerts ?

My pc got infected twice (inspite of MSE installed) & I got the same prompt and symptoms as the Microsoft Malware encyclopedia suggests.

This time the malware proved more difficult to remove. I had to install Malwarebytes to completely remove the malware.



paroh said:


> i am using free edition of avast and comodo firewall but there is no problem with me on hindustantimes.com.
> If u still having the problem i think u should mail or give a feedback report to hindustan times



Does avast detects anything ? 

Last time it happened when I clicked the link to second page of the "comments" section. Try fiddling with random pages & links on the site.

And I did send them an email, but there was no reply.


----------



## web (Jan 4, 2011)

I tried the links specified by you but I my Kaspersky (KIS) didn't have a single problem with the HindustanTimes.com.

I have been using HT for a long time and hadn't any problem those days too


----------

