CBS-affiliated Television Stations Expose Visitors to Angler Exploit Kit

We BBC what you did there

We’ve noticed a couple of websites in circulation which have “BBC” in the URL and have a news style aspect to their general demeanor. However, they all do things which you don’t see happening on official BBC websites and we thought it would be a good idea to give you a heads up.

The first site in question is

bbcmedia(dot)pl

which appears to be a news site of some description (with “BBC Media” at the top of the page), until you scroll further down and see that it is promoting Acai diets complete with weight loss pictures.

Acai

The site links to an “Acai power” website which is currently offline.

Next up, we have

bbcnews(dot)net(dot)br

which displays a collection of news articles with a prompt to download Adobe Flash Player.

Flash download

The download link leads end-users to a .gov.br website, but the download is missing so we can’t say for sure what was going on here.

Interestingly, the .gov website was compromised back in 2013 and a mirror can be found on the Zone-H website so it isn’t a stretch to think something else has happened since then.

Finally, we have

bbcnewstime(dot)us/

which has a number of pages on it including a CNN style effort offering up surveys in return for Tornado footage  and a replica Facebook page along the same lines which features two ladies having a minor disagreement (and by “minor disagreement”, I mean “strangle fight”).

cnn on bbc
Share?

The BBC doesn’t offer up berry diets, survey questions or anything else along the lines of the above so if in doubt, jump on over to the main website and take things from there.

Christopher Boyd

ABOUT THE AUTHOR

Christopher Boyd

Former Director of Research at FaceTime Security Labs. He has a very particular set of skills. Skills that make him a nightmare for threats like you.