Dear Boing Boing readers —
Around 11:30 EST on January 10th, An unknown party logged into Boing Boing's CMS using the credentials of a member of the Boing Boing team.
They proceeded to install a widget into our theme that allowed them to redirect users to a malware page hosted at a third party.
Because of the nature of programmatic advertising, we first assumed this was a malicious adscript, and asked initial reporters to report this activity via our Ad Partner's "bad ad" reporting page.
While in this case, the malicious code did not originate from an ad, it *did* allow our ad partner to eventually notify us of the specifics of the attack. Once this was confirmed, we removed the offending code immediately from our servers and our CDN partners.
From a systems security perspective, this is an excellent cautionary tale of the importance of individual user security. Even two-factor authentication and password hygiene can be compromised on the user's end, and just because a particular issue (in this case, malware) had been detected via third parties in the past, it always pays to consider all possible first-party infection vectors, as well.
If you read Boing Boing this past weekend, please run your local anti-virus and malware scanners.