DMASA website hosting malware?

A page hosted on the Direct Marketing Association of South Africa’s (DMASA) website has been flagged by Google as suspicious, and the search giant warns that visiting it may harm your computer.

According to Google’s warning, the Food Tree page hosted on the DMASA website includes code from myteenmovies.net which appears to contain malware.

The Google Safe Browsing page for the myteenmovies.net domain said that part of the site was listed for suspicious activity once in the past 90 days.

Google Safe Browsing also said that the site doesn’t appear to download malicious software, but has infected 3,672 domains over the past 90 days.

Google explains that, “In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.”

DMASA site flagged for Malware by Google

With the recent spate of hacking affecting prominent websites, the question of whether the website has been hacked is one that immediately comes to mind.

However, third party web developers, webmasters or anyone else with login details of the site could add such malicious code to the page.

Examining the source of the page in question revealed that the code from myteenmovies.net is pulled in using an <iframe> tag right at the end of the file.

The DMASA has received exposure in the media for their direct marketing database containing ID numbers and contact information of many South Africans allegedly being leaked.

Brian Mdluli, CEO of the DMASA, and Pieter Streicher, MD of BulkSMS, have also debated in the media various points around opt-in and opt-out philosophies.

Karabo Phungula , webmaster for the DMASA, said he was unaware of the issue until it was brought to his attention by MyBroadband and would be approaching their hosting company for support.

According to Phungula, their website had been exhibiting problems since yesterday (19 July 2011).