Gizmodo Brazil was poisoned to infect techies visiting the site
Media
Attackers modified the publication’s homepage by adding computer commands that redirected users to a different compromised site hosted in Sweden.
Trend Micro is investigating whether “a vulnerability was used in order to penetrate the web servers,” according to the security firm’s website.
When victims open the compromised site in Sweden, a malicious URL with a fake Adobe Flash download page written in Portuguese is loaded.
Trying to download triggers a message, stating:
“We can see that attackers used a legitimate service in order to trick users into thinking that the downloaded file was not malicious,” Trend Micro’s researchers say.
Gizmodo Brazil has since removed the compromised code from its servers.