All the latest UK technology news, reviews and analysis

Hackers found using Java malware on coding site after Google warning

25 Oct 2013
Online Piracy

Hackers have been found exploiting a flaw in Java to serve malware to unsuspecting web users on the open source server coding site

The issue came to light after visitors to the site started receiving notifications from Google's safe browsing service that malware was on the site. This alerted the team who investigated the cause of the warnings.

They discovered that every so often a file within the servers used for the website was modified to serve malware to a user, before it reverted back to its original form. This made it especially hard to discover the issue, and it was only found thanks to Google's scanning system.

Work is now beginning to try and discover how the hackers managed to infect the systems used to run the website.

"We are continuing to work through the repercussions of the malware issue. As part of this, the systems team has audited every server operated by, and have found that two servers were compromised," it said in a post on the website.

"The server which hosted the, and domains, and was previously suspected based on the JavaScript malware, and the server hosting The method by which these servers were compromised is unknown at this time."

Users of the site will also be asked to reset their passwords although the firm said this is only a precautionary measure for those with projects hosted within the services affected.

The website said it is also acquiring a new SSL certificate in case the attackers had acquired private keys for the site's security systems.

"We are in the process of getting a new certificate, and expect to restore access to sites that require SSL (including and in the next few hours," it said.

The use of Java for the attack is not surprising as the software has been blamed for numerous incidents throughout 2013 and was recently the subject of a huge patch update from Oracle.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Dan Worth

Dan Worth is the news editor for V3 having first joined the site as a reporter in November 2009. He specialises in a raft of areas including fixed and mobile telecoms, data protection, social media and government IT. Before joining V3 Dan covered communications technology, data handling and resilience in the emergency services sector on the BAPCO Journal

View Dan's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus

Work location poll - office, remote or home?

Where do you spend most time working on your primary work device?

Popular Threads

Powered by Disqus
LG G Flex 2 hands-on review

CES 2015: LG G Flex 2 video

A closer look at LG's latest curved-screen smartphone

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Beacon technology: what are the opportunities and how does the technology work?

This paper seeks to provide education and technical insight to beacons, in addition to providing insight to Apple's iBeacon specification


Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

.Net Developer - ASP.Net / C# / VB.Net / SQL Server / HTML

.Net Developer - ASP.Net / C# / VB.Net / SQL Server...

Junior PHP Developer - PHP / MySQL / HTML / CSS

Junior PHP Developer - PHP / MySQL / HTML / CSS Leading...

Senior .Net Developer - ASP.Net / C# / SQL Server / HTML / CSS

Senior .Net Developer - ASP.Net / C# / SQL Server / HTML...

Junior Software Developer - Web / C# / ASP.Net / HTML / CSS

Junior Software Developer - Web / C# / ASP.Net / HTML...
To send to more than one email address, simply separate each address with a comma.