Pregnant Kate Middleton doll leads to malware infection for AOL users

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Take care if you visit the main page of AOL UK today – a story about Kate Middleton being pregnant (or rather a doll of a pregnant Duchess of Cambridge) has a nasty sting in its tail.

AOL website, , promoting Kate Middleton doll story

The story, featured prominently on AOL’s main webpage, points to a different website – MyDaily.co.uk – another part of the AOL media empire.

Story on MyDaily website

Sign up to our free newsletter.
Security news, advice, and tips.

The MyDaily website uses a legitimate piece of JavaScript code to “carousel” different adverts on the website. However, hackers have managed to breach security on the site and insert their own line of code.

The code the cybercriminals have injected onto the webpage attempts to run malicious code from a third-party site.

Malicious code injected into the website

Sophos products block the offending webpage as Mal/Iframe-Y.

Malicious hackers love to exploit high traffic websites. Think about it, rather than luring you to visit a site created by a hacker (in order to infect your computer) they can compromise an existing popular website and simply wait for traffic to come their way.

Always run up-to-date anti-virus software on your computer, and ensure that every webpage your computer visits is being scanned for malicious code.

Also, if you run a website – make sure that something like this doesn’t happen to you. For more information on securing your website download our technical paper “Securing Websites” published by SophosLabs. In addition to advice on common attack techniques including SQL injection, the paper also discusses establishing a secure foundation for your site and how to deal with external service providers.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.