Skip to main content

Computer Associates main Web site hacked, routes visitors to Chinese malware site

Parts of Computer Associates' main Web site were hacked last week, with visitors being automatically re-routed to a malware site hosted in China.

Computer Associates has not issued a report on the hack, but newswire reports suggest that parts of the press section of its Ca.com portal were rerouting visitors to the uc8010.com domain, which has been hosting malware since last month.

Commenting on the embarrassing hack, Brian Chess, Fortify's founder and chief scientist, said that the attack vector appears to be similar to a site hack of the Dolphin Stadium Web portal of early last year (opens in new tab), with Javascript routines inserted into the body of the relevant pages.

"Unconfirmed reports suggest that the press section of the Ca.com portal is hosted by a third party organisation, but this makes no difference to the visitors, who were being redirected to a malware site in China," he said.

According to Chess, the site hack is an embarrassing incident for Computer Associates, but this kind of hack isn’t just about embarrassment any more.

"Breaches like these are being perpetrated by criminals being pid [sic] to install malware on personal computers. Viruses aren’t spread on floppy disks any more - the corporate website has become a leading vector for getting malicious code past the firewall.

Sure it’s embarrassing, but more importantly it’s a perfect example of how criminals are leveraging the trust people have in a brand like CA’s to gain control of their computers," he said.

Désiré Athow
Contributor

Désiré has been musing and writing about technology during a career spanning four decades. He dabbled in website building and web hosting when DHTML and frames were en vogue and started writing about the impact of technology on society just before the start of the Y2K hysteria at the turn of the last millennium. Following an eight-year stint at ITProPortal.com where he discovered the joys of global tech-fests, Désiré now heads up TechRadar Pro. Previously he was a freelance technology journalist at Incisive Media, Breakthrough Publishing and Vnunet, and Business Magazine. He also launched and hosted the first Tech Radio Show on Radio Plus.