TIO website hit by malware

The website of the Telecommunications Industry Ombudsman (TIO) has suffered a malware attack that caused it to be taken offline today.

The site was blocked for Google users this afternoon, with the search engine listing it as suspicious since Friday.

According to Google's diagnostic page, three pages on tio.com.au were infected, and successful infection resulted in an average of one new process on the target machine.

John DuBois, who is the TIO's Communications Manager, confirmed that the site was infected.

"There was some sort of foreign intrusion into the site," he told iTnews.

"We're still investigating the source of the issue; we took the site down for a little while and made sure that it was all clean."

However, a brief investigation by web security vendor Websense revealed that the site was still infected as of 5pm today.

According to Websense's Q3-Q4 2009 State of Internet Security report, 71 percent of Web sites with malicious code that were discovered during those six months were revealed to be legitimate sites that had been compromised.

"This is quite typical of cases where sites with legitimate purposes have been compromised by malicious code," Websense's ANZ marketing manager, David Brophy, told iTnews.

"It's a well-known site; it gets a lot of traffic," he said of the TIO Web site. "It [malicious code] only has to be up there for a couple of hours to potentially infect a lot of people."