Computer Associates main Web site hacked, routes visitors to Chinese malware site

Parts of Computer Associates' main Web site were hacked last week, with visitors being automatically re-routed to a malware site hosted in China.

Computer Associates has not issued a report on the hack, but newswire reports suggest that parts of the press section of its portal were rerouting visitors to the domain, which has been hosting malware since last month.

Commenting on the embarrassing hack, Brian Chess, Fortify's founder and chief scientist, said that the attack vector appears to be similar to a site hack of the Dolphin Stadium Web portal of early last year, with Javascript routines inserted into the body of the relevant pages.

"Unconfirmed reports suggest that the press section of the portal is hosted by a third party organisation, but this makes no difference to the visitors, who were being redirected to a malware site in China," he said.

According to Chess, the site hack is an embarrassing incident for Computer Associates, but this kind of hack isn’t just about embarrassment any more.

"Breaches like these are being perpetrated by criminals being pid [sic] to install malware on personal computers. Viruses aren’t spread on floppy disks any more - the corporate website has become a leading vector for getting malicious code past the firewall.

Sure it’s embarrassing, but more importantly it’s a perfect example of how criminals are leveraging the trust people have in a brand like CA’s to gain control of their computers," he said.