Daily cyber threats and internet security news: network security, online safety and latest security alerts
September 7th, 2010

Multiple TechCrunch Websites Compromised, Infect Visitors With Malware

Several websites from the TechCrunch Network, including TechCrunch Europe, MobileCrunch and CrunchGear fell victim to a code injection attack, which served malware to visitors. Founded in 2005, TechCrunch is one of the most popular technology blogs on the Internet. Since then it has evolved into a network or websites operated by the same organization.

Yesterday users started receiving malware warnings from their browsers and antivirus programs when accessing several of these sites.

TechCrunch Europe confirmed the problems on via its Twitter feed. “We’re aware of the (annoying) malware warning about the @TCEurope site, thanks everyone. Trying to fix ASAP,” the annoucement read.

The warnings were caused by malicious JavaScript code injected into the website’s pages, which was loading an exploit kit hosted on an external domain. The exploits tried to infect visitors with a version of the Zbot trojan, which is commonly used by cybercriminals to steal online banking credentials, credit card details and other sensitive information.

In addition to TechCrunch Europe, MobileCrunch ( and CrunchGear ( were also affected. The compromises were part of a larger mass injection attack targeting sites hosted at RackSpace.

The corresponding Google Safe Browsing diagnostic pages reveal that all three websites were hosting suspicious content yesterday.

TechCrunch uses WordPress as a platform across its network, but the same infection was reported on sites running Drupal, pointing to a problem within the hosting environment and not the Web applications themselves.

“Ideally TechCrunch will post a message on its site (on the TechCrunch Europe site, at least) informing users about the incident and advising that they check their PCs with an up-to-date anti-virus.

“I don’t see any message to that effect yet on that site – but I’m hopeful,” Graham Cluley, senior technology consultant at Sophos, commented.

Credit: News

Share this item with others:

More on CyberInsecure:
  • Compromised, Visitors Infected With Malware
  • More Websites Are Compromised, This Time Avoiding Chinese Websites And Users
  • Compromised Twitter Accounts Spread Links to Malware Downloads
  • Hackers Deface And Abuse Admins
  • Significant Number Of WordPress Websites Compromised, IFrame Used For Affiliate Scheme

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Multiple TechCrunch Websites Compromised, Infect Visitors With Malware

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.