Haphazard hacks at Daily Mail post a malware World Cup video

The Daily Mail has suffered another fail. This time by directing readers on its site to a link containing a malware-infected web page.

The newspaper already messed up over the weekend by running a story claiming that Apple would recall the iPhone 4. However, it was later found that the paper hadn’t checked facts. It had simply taken a parody Twitter account seriously.

And now it also seems it doesn’t check its external links properly either. According to Sunbelt Software, the paper inadvertently carried a link to a malware-infected web page via a video clip of Sunday’s England v Germany World Cup match.

The link, which pops up over the video, claims to show readers how to hack into Facebook accounts. However, it actually  redirects them to a fake survey page which purported to offer users the hacking software – infected with malware – in return for handing over information that could also be used for identity theft and hacking your own email and social networking accounts.

Christopher Boyd, senior threat researcher at Sunbelt Software, told TechEye: “In their coverage of the England Vs Germany match, [The Daily Mail] seemingly grabbed the first random Youtube clip they could get their hands on. Unfortunately for them, it was this one.”

And it seems Spamblog, the site users were redirected to, made some gains as a result of the Daily Mail’s reader click-throughs. Christopher told us that it had 200 hits today, before the link was removed by the paper, and 17000 in total from when the link had been posted. It had also seen a traffic increase of 50 percent from last week.

“That would explain the traffic spike for the spamblog, and also why Youtube have pulled it – looking at the comments from the article, it seems many readers with Youtube accounts have reported the video,” he said.

“It’s pretty harmless now, but I must admit to being baffled how someone could miss the large red box with the “Hack Facebook accounts” text in it.”