The website of BusinessWeek has been attacked by hackers in an attempt to infect its readership with malware.
Hundreds of webpages have been affected in a section of BusinessWeek's website which offers information on where MBA students might find future employers.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
According to web security firm Sophos, an SQL injection attack - where a vulnerability is exploited to insert malicious code into a site's underlying database - peppered the site's pages with code that downloads malware from a Russian web server.
"It's worrying when any site suffers from a malicious SQL injection attack, but when it's also one of the 1,000 busiest websites on the internet, the stakes are even higher," said Graham Cluley, senior technology consultant at Sophos.
"The potentially large number of people visiting the site and accessing information to assist their careers may be putting their finances or personal data in jeopardy if they are not properly protected," he said
Earlier this year, Sophos reported that it was identifiying more than 16,000 new infected webpages every single day, 90% of them on legitimate sites that had been hacked.
Sophos said it was discovering a new malicious webpage every five seconds, three times faster than during 2007.
The code injected into BusinessWeek's website pointed to a Russian website that is currently down and not delivering further malicious code.
However, it could be revived at any time, infecting hundreds of MBA students looking for high-earning jobs. Sophos informed BusinessWeek of the infection last week.
Cluley has published a video demonstrating the problem on BusinessWeek's website, and providing tips on how companies can better defend themselves from similar attacks.