
UK NHS Reported Bug Directing Users to Malware


Harry-Potter


The NHS’s Health and Social Care Information Centre saw pages from the NHS Choices website lead users to a 3rd-party website containing adverts and malware.
The error in question saw more than 800 links on the nhs.uk site sending users to websites that serve advertising and malware unrelated to the service.

 


 

Representatives of NHS Choices explained that the problem arose because of an internal coding error and that the site had not been maliciously attacked.
The issue was initially uncovered by Muzzers, a user on the social news website called Reddit, when he was searching for medical information on the NHS site.

The user published a list of over 800 links compromised by the bug.
He explained he stumbled upon a page redirecting him to some advertisement when looking for flu shot information.

Then he found hundreds more pages leading to either an ad or malware-infested page.
The web developers discovered that it was due to a mistake made last year: someone accidentally misspelled “translate.googleapis.com” as the source for the JavaScript file.
As a result, the internal coding error sent visitors to the mistyped URL, and a 3rd-party was quick to take advantage of it: they registered the mistyped domain name and served advertising and malware.

The investigation found that the incorrectly spelt domain was registered in the Czech Republic, while the correctly spelled one belongs to Google.
The developers admit that the typo existed in NHS Choices code for many months, but until the mistyped domain name was registered, it wasn’t causing any issues.

Soon after the Reddit user discovered the flaw, it was detected by the NHS Choices team during a routine security check.
The development team conducted an investigation to identify and correct the coding error, and they promise to complete the correction in the near future to prevent further redirect issues.

At the moment, most of the affected links have already been corrected.
It remains unknown how the bug affected visitors, or whether any of them suffered from the malware served by the 3rd-party website.
NHS Choices assured everyone that they are treating the issue with urgency and that, once it is resolved, they are determined to undertake a thorough and detailed analysis and a full code review to put steps in place to ensure no recurrence.
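
The misspelled script source described above is the kind of error a review-time check can catch before anyone registers the stray domain. The following is an added example, not code from NHS Choices or from the original post: it extracts every external `<script src>` host from a page and flags hosts that are not on an allowlist, marking those within a small edit distance of an allowed host as likely typos. The allowlist contents, the sample markup and the misspelled host in it are constructed for illustration and are not the values from the incident.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed allowlist of third-party script hosts the site intends to load from.
ALLOWED_HOSTS = {"translate.googleapis.com"}

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

class ScriptHosts(HTMLParser):
    """Collects the host of every external <script src=...>."""
    def __init__(self):
        super().__init__()
        self.hosts = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            src = dict(attrs).get("src") or ""
            host = urlsplit(src).hostname  # None for relative (same-site) paths
            if host:
                self.hosts.append(host.lower())

def audit(html, allowed=ALLOWED_HOSTS, max_distance=2):
    """Return (host, verdict, nearest_allowed) for each non-allowlisted script host."""
    parser = ScriptHosts()
    parser.feed(html)
    findings = []
    for host in parser.hosts:
        if host in allowed:
            continue
        nearest = min(allowed, key=lambda a: edit_distance(host, a))
        near = edit_distance(host, nearest) <= max_distance
        findings.append((host, "likely-typo" if near else "unlisted", nearest))
    return findings

# Constructed sample page; the misspelled host below is made up for this example.
SAMPLE = """
<script src="https://translate.googleapis.com/element.js"></script>
<script src="//translate.gogleapis.com/element.js"></script>
<script src="/js/site.js"></script>
<script src="https://cdn.example.net/lib.js"></script>
"""
```

Run over templates in a build or review step, a "likely-typo" finding should block the change, while "unlisted" hosts need an explicit decision to add them to the allowlist.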
