Malware Plagues London Stock Exchange Web Site
Modernizing Authentication — What It Takes to Transform Secure Access
The London Stock Exchange can't seem to catch a break. Less than 48 hours after a technical glitch stopped all trading, Google flagged the stock exchange's Web site for malware.
Users trying to get to londonstockexchange.com via Google Chrome or Mozilla Firefox were shown a warning page on Feb. 27 that warned the site may contain malware. Chrome and Firefox both use Google's malware blocklist to flag suspected sites.
Merely viewing the stock exchange's main homepage caused malware to be downloaded in a drive-by attack, Paul Mutton, an information security consultant based in Wiltshire, England, wrote on the High Severity security blog. He was alerted to the issue by some users on Twitter.
Google's Safe Browsing feature provides diagnostic information for the site's malware history. "Of the 281 pages we tested on the site over the past 90 days, 65 page(s) resulted in malicious software being downloaded and installed without user consent," the diagnostic page read on Sunday. The diagnostic page claimed to have found two scripting exploits, two Trojans, and one exploit. A successful infection resulted in an average of five new processes on the compromised machine, according to the page.