Cop site spreads Trojan

The abandoned former web site of Hertfordshire police has been found spreading malware, according to Sophos.

The anti-virus company said that an old Hertfordshire Police Authority site, set up to redirect users to its new site, was infected with a Trojan script which attempts to hack Windows users via the browser.

Troj/IFrame-DY is a relatively recent variant of a well-known Trojan. It secretly opens an invisible browser frame to a hacker-controlled site which then attempts to install all kinds of nasties – such as back doors and keyloggers – on the surfer's PC.

Sophos said that the case shows the perils of keeping unused and unsecured web sites live.

Though, since the site in question does not currently appear in search engines, the threat was likely only of concern to people using bookmarks.

The web site is located... Err, Maybe not!