"The Los Angeles Times has scrubbed its Web site of malicious code that served browser exploits and malware to potentially hundreds of thousands of readers over the past six weeks," reports Brian Krebs. The paper's statement on the matter is a model of how not to handle security clusterfucks.

7 Responses to “Exploit was active on LA Times site for 6 weeks”

  1. JohnnyLA says:

    Glad I read Boing Boing instead of the LA Times. :P

    My friend is a VP in Corporate IT and about 2 weeks ago when they posted about the Flash exploit he said to uninstall all Flash until it’s sorted or I might be sorry.

    Back online and reinstalled with the fixes but he thought it was a huge security exploit at the time..

  2. MrBrownThumb says:

    Good thing the only people who actually visit the LA Time website are HuffingtonPost bloggers when they need to skim an article to turn into a post. 

    • Antinous / Moderator says:

      You Won’t Believe The Five Inexplicably Ironic Articles That We’ve Lifted From The LA Times! (slideshow)

  3. timquinn says:

    Times is “between owners” expected to be sold any day. Tribune came out of bankruptcy, what, a month ago? Can I say this without irony? A lot of people had ‘issues’ at many levels. I look forward to the new ownership whomever it turns out to be, but don’t hold out much hope for any real change.

  4. kmoser says:

    “We’re sorry if anybody was offended by the malware we served.”

  5. That_Anonymous_Coward says:

    We take your safety and stuff like all real serious like, and even thou a whole slew of people have shown that we were serving malware we are still going to say that we still only MIGHT have been serving it up.

  6. Heevee Lister says:

    $ geany /etc/hosts
    127.0.0.1 offersanddeals.latimes.com
    (save)
    (close)
    $

Leave a Reply