Government-backed website in malware scare

  • Published
Security warning
Image caption,

Victims would have seen a realistic-looking security warning

A government-backed website, designed to champion the UK's start-up businesses has inadvertently linked users to malware, it has emerged.

StartUp Britain, which launched on Monday, linked to a page hosting fake anti-virus programs, according to security firm Sophos.

It will be an embarrassment for the government, which has been widely promoting the initiative.

The link was removed shortly after launch, according to StartUp Britain.

It told the BBC in a statement: "There were some issues with a link on the website at the launch. This issue has been addressed and any links that were not operating as intended have been amended or removed."

Malvertising

According to Paul Baccas, a senior threat researcher at Sophos, the link featured in an article about US investor Warren Buffet and took users to a fake banking site.

"It went to a third-party site, bankling.com, where users were redirected to a fake anti-virus page given a prompt saying their computer was infected and encouraging them to download a fix," he said.

In reality, the fix contained malware.

The exploit only affected users of Internet Explorer, including the most recent versions. Other browsers, including Firefox, were not affected.

The slip will be embarrassing for the government, especially as Prime Minister David Cameron had helped launch the site and the Number 10 website linked prominently to it.

Last month, the London Stock Exchange hosted booby-trapped adverts that asked visitors to download similar fake security software.

And this week, music streaming service Spotify apologised after 'malverts' were served to some of its users.

So-called malvertising is becoming a growing problem for businesses.

Related internet links

The BBC is not responsible for the content of external sites.