Computer security firm Sophos issued a warning after it found hidden malicious code on LaoAirlines’ web site Friday. Sophos said the malware is embedded at the bottom of the Laoairlines.com web page in invisible java script code. Users who land on the site are automatically redirected to another site in China which then attempts to run an exploit and download an executable file (.exe) on the user’s computer, without any interaction by the user.

The company said the latest anti-virus patches from security vendors would help protect users. Until the problem is resolved, the Lao Airlines site is not safe to visit. Other travel sites also may be targeted by the malware distributors. -JH