Home
 » ISP News » 
Sponsored Links

UPDATE BT Plc Website Blocked by AntiVirus Firms for Phishing Attack

Tuesday, Jun 17th, 2014 (7:31 am) - Score 1,926

The official BT Group website (http://www.btplc.com) is today being flagged up by a number of Internet security checks and Anti-Virus firms due to an alleged infection of Phishing Malware (malicious software), which is normally used to help hackers steal personal information.

The problem came to light this morning when we attempted to load the btplc.com website on several computers protected by ESET NOD32 Anti-Virus software, which instead returned an Alert! page warning of a “Potential phishing threat“. Digging deeper we were able to confirm that the website had very recently been added to the vendors Anti-Phishing Blacklist.

Advertisement

bt group phishing attack 1

A few quick checks around the Internet reveal that some but not all other anti-virus vendors had either made a similar block or noted a related event on the btplc.com website. For example, AVG’s free anti-virus software hasn’t detected anything but others like ESET’s NOD32 and Sucuri Inc. had. It’s not unknown for Anti-Virus firms to be overzealous when it comes to computer security software, but that’s not always a bad thing because it helps to keep you safe.

Digging deeper we were able to discover that the issue relates to an alleged infection by the MW:ANOMALY:SP8 malware virus, which has been around for a few years and is described by Sucuri as being, “A suspicious block of javascript or iframe code [that] loads a (possibly malicious) code from external web sites … Those types of code are often used to distribute malware from external web sites while not being visible to the user.”

The malware is generally hidden inside the websites existing javascript files and various checkers pointed to the following pages on btplc.com as being infected:

Infected Pages (may not be a complete list)
http://www.btplc.com/sharesandperformance/sharepricegraphs/index.cfm
http://www.btplc.com/news
http://www.btplc.com/Sharesandperformance/Annualreportandreview/index.cfm

Apparently all of the above exhibit the same line of remote-executed JavaScript code and we chose not to visit the main site until BT can confirm that it’s been dealt with. ISPreview.co.uk has notified BT of the issue, although they didn’t respond to our hails yesterday so we might not receive one today either.

Advertisement

All websites can be hit by this sort of thing and it’s likely that BT has already spotted and dealt with it, although if history is anything to go by then anti-virus vendors often don’t remove related warnings immediately and in some cases they can continue for several weeks even after the threat has been wiped.

Incidentally the http://www.bt-ngb.com website has also been offline for several days now, although this is not believed to be related and is just an unusual occurrence.

UPDATE 2:27pm

After an investigation BT has confirmed that the blocks, which have now been removed, were triggered by a false positive and ESET has updated their database accordingly. However one or two online security tests and web scanners probably won’t remove the issue from their lists until tomorrow or later. But the good news is that BT’s website is safe.

Advertisement

Tags: ,
Mark-Jackson
By Mark Jackson
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on X (Twitter), Mastodon, Facebook, BlueSky, Threads.net and .
Search ISP News
Search ISP Listings
Search ISP Reviews

Comments are closed

Cheap BIG ISPs for 100Mbps+
Community Fibre UK ISP Logo
150Mbps
Gift: None
NOW UK ISP Logo
NOW £24.00
100Mbps
Gift: None
Vodafone UK ISP Logo
Vodafone £24.00 - 26.00
150Mbps
Gift: None
Plusnet UK ISP Logo
Plusnet £25.99
145Mbps
Gift: £50 Reward Card
Sky UK ISP Logo
Sky £26.00
145Mbps
Gift: None
Large Availability | View All
Cheapest ISPs for 100Mbps+
Gigaclear UK ISP Logo
Gigaclear £19.00
300Mbps
Gift: None
Community Fibre UK ISP Logo
150Mbps
Gift: None
Hey! Broadband UK ISP Logo
150Mbps
Gift: None
Youfibre UK ISP Logo
Youfibre £23.99
150Mbps
Gift: None
Vodafone UK ISP Logo
Vodafone £24.00 - 26.00
150Mbps
Gift: None
Large Availability | View All
The Top 15 Category Tags
  1. FTTP (6046)
  2. BT (3645)
  3. Politics (2723)
  4. Business (2443)
  5. Openreach (2410)
  6. Building Digital UK (2333)
  7. Mobile Broadband (2154)
  8. FTTC (2086)
  9. Statistics (1910)
  10. 4G (1824)
  11. Virgin Media (1771)
  12. Ofcom Regulation (1589)
  13. Fibre Optic (1470)
  14. Wireless Internet (1464)
  15. 5G (1414)
Promotion
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms , Privacy and Cookie Policy , Links , Website Rules , Contact
Mastodon