Characteristically, Phoenix attempts at uploading many attack codes, including data-stealing malware. Websense's Carl Leonard, senior research manager for EMEA stated that possibly an SQL injection compromised the BBC computers alternatively there had been a hijacking of the British Broadcasting Corporation's FTP servers. ZDNet published this.

Leonard continued that it wasn't expected that websites such as BBC would host malware. And since the BBC online sites were high-profile in nature, therefore the assaults were likely to cause great impact, he analyzed. ZDNet published this.

Evidently, the attack works when the visitor simply arrives on the online site for getting victimized with the drive-by download assault, as an iFrame has been inserted into the twin sites for loading malware automatically. Says Websense, the attack delivers the payload merely once when the end-user first accesses the website.

Meanwhile according to Leonard, whilst a website similar to the BBC became contaminated with a malevolent web-link, the possibility was immense for numerous unwitting users becoming influenced with malware. Today's threats aimed at areas where there was huge traffic and that explained the reason why 80% of the malevolent websites the company saw during 2010 were in reality authentic websites, which had been hijacked, the research manager contended. SCMagazine published this on February 16, 2011. And while, Websense continues to evaluate the malicious program getting delivered via the BBC sites, it doesn't state the manner in which the attackers implanted the iFrame.

In the meantime, hackers' attack on a BBC website is not unknown. During September 2010, BBC Radio 3 as well, apparently had been subjected to a bulk insertion assault following which Google's Safe Browsing blacklisted the site since its four pages caused the downloading and planting of malware devoid of users' permission.