The most popular internet speedtest site, Speedtest.net, was recently compromised. They have since fixed the issue and the site is no longer infected, but if you visited the site within the last few days and you have Java installed, look out.
Invincea has a fantastic dissection of the payload the infected site was delivering. This is a great opportunity to discuss how completely legitimate websites – e.g. Speedtest.net – can infect your system. It doesn’t have to be a *questionable* website or suspicious email that leads to infection. Websites can be compromised in any number of ways, and commonly, third-party ads on websites are how malicious activity can sneak in.
There is no single solution to security. Security is a multi-layered approach. With AdBlock and NoScript installed, you’re knocking off a good chunk of attacks before they even get a chance to start. By running ESET Nod32 antivirus and Malwarebytes’ Anti-Malware Pro, you’re giving your system the best chance at fighting off anything that makes its way onto your system. Changing your DNS to a faster and more secure service, such as Google Public DNS, Comodo, or OpenDNS, helps keep the pool of sites you bump into as safe as possible. A hardware firewall, updated applications (and only essential applications installed), and user awareness add to the security sandwich.
So keep your wits about ya, folks. Don’t think that just because you’re browsing legitimate sites, you’re not vulnerable to attack.
For those interested in an alternative to Speedtest.net, there is an HTML5/no Java/no Flash service provided by SpeedOf.Me.