This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

London Stock Exchange website hit by malware scare

Share this article:

The website of the London Stock Exchange was hit by a drive-by-download attack over the weekend.

According to information security blogger Paul Mutton, writing on his 'High Severity' blog, the London Stock Exchange website was propagating malware to its visitors on Sunday. Visitors were infected by a rogue anti-virus that uses a software vulnerability to run native executable code on the victim's computer.

He said that the spoof program appears in the system tray and prevents other processes such as task manager to be run, falsely claiming that the user is infected with a virus. This malware also replaces the computer's wallpaper with a warning message.

It was later revealed that the malware was introduced via a third party advertising site used on the homepage via a 'malvertising' attack. “LSE have disabled the affected adverts, so all should be well now,” said Mutton.

He said that the infected page also led to Google's safe browsing diagnostic page confirming that malicious content was being served to the site's visitors. It said that of the 281 pages Google had tested on the site over the past 90 days, 65 pages resulted in malicious software being downloaded and installed without user consent. The site was also blocked by Chrome and Firefox, which both make use of Google's malware blocklist.

However, the London Stock Exchange denied that it was propagating malware. A spokesperson told SC Magazine that its website was not infected and that a third party provider called Unanimis, functioning as an intermediary for its website, was hit and the London Stock Exchange was one of many sites to be affected.

The spokesperson said: “We have had a lot of technology issues in the last few weeks and this is nothing to do with us. To be infected you have to go through our adverts to another site, so it is not the adverts on our website that are propagating malware, you had to click through to them.”

A statement from Unanimus, said: “Malware was detected on the Unanimis network which affected some advertisements on our network. Other than the banner advertisements in question, the malware does not impact or affect any other parts of a website. The affected advertisements have been removed and all sites continue to operate normally. For clarity the London Stock Exchange website was not impacted by this malware, not did it propagate malware.”

The spokesperson also pointed to a Google safe browsing report that confirmed that the website had not been affected by anything in last 90 days. The London Stock Exchange had previously informed Mutton that his blog was 'wholly inaccurate' because the LSE was not propagating malware, however he said that he strongly disagreed with the claim.

"The most obvious point is that simply visiting their homepage was enough to cause malware to be installed, with no need to click on anything. If their website includes content from other sites, which is designed to propagate malware, then transitively, their site will also be propagating malware," said Mutton.

“That is a fair and accurate claim to make, regardless of where the malware executables are actually hosted. In summary, if someone visits your homepage and it results in malware being downloaded and installed without the user having to do anything, then I believe it's fair to say that your website is propagating malware.”

The British stock exchange was in the headlines at the start of this month after it was reportedly the victim of a cyber attack on its headquarters last year.

Share this article:

SC webcasts on demand

This is how to secure data in the cloud

Exclusive video webcast & Q&A sponsored by Vormetric

As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.

View the webcast here to find out more

More in News

VC cyber security funding tops £850 million

VC cyber security funding tops £850 million

A new study from US-based research firm CBI Insights reveals that corporate cyber security investments have risen five-fold since 2009, with 30 percent growth in the last year alone.

Russian/Chinese cyber-security pact raises concerns

Russian/Chinese cyber-security pact raises concerns

News that Russia and China are set to sign a cyber-security treaty next month have left Western cyber experts unsure whether it is a threat or a promising development.

UK police arrest trio over £1.6 million cyber theft from cash machines

UK police arrest trio over £1.6 million cyber ...

London Police have arrested three suspected members of an Eastern European cyber-crime gang who installed malware on more than 50 bank ATM machines across the UK to steal £1.6 million.