Website of Celebrity Chef Jamie Oliver Compromised with Malware

Malwarebytes, a security firm, says that the website of celebrity chef Jamie Oliver is infecting with malware 10 million visitors per month on an average through the Fiesta Exploit Kit leveraging Adobe Flash zero-day vulnerability which was patched recently.

Unlike modus operandi of operators of exploit kit, the website of the celebrity chef has not fallen victim to a malvertising campaign but it was breached.

Malwarebytes say that the malicious injection of Javascript makes an iframe and uses another compromised site to send visitors to a landing page of exploit kit where minimum three exploits (Silverlight, Flash and Java) are thrown. However, if the PC is not completely patched, a malicious dropper (Malwarebytes identifies this as Trojan.Dorkbot.ED) downloads and runs.

Once infected, search engine of users get hijacked and they may be tricked into downloading the updates of malicious software.

Malwarebytes is not sure about the way of presence of the compromised Javascript into the site in the first place.

Betanews.com published news on 17th February, 2015 quoting Jerome Segura, Senior Security Researcher, as saying "It could be a genuine script which has been inserted with additional text or a full rogue script."

He also guesses that the cause might not be a plug-in and credentials might be stolen.

He added that drive-by-downloads continue to be the top infection vector due to malicious ads and cyber-criminals can choose from a wide range of software vulnerabilities.

He also said that there are cases like this one where the site is hacked which is the cause of malicious redirections and webmasters find it very difficult to detect the source which needs a lot of forensic work to detect the origin of the problem.

Malwarebytes said that it called the administrators of the site straightway after the discovery of the infection.

Visitors without the latest software updates for Flash, Jave and Silverlight installed on their systems are advised to avoid the recipe source of Jamie Oliver until the website is cleaned of the malicious code.

Moreover, it is not the first time that Oliver has faced hackers because in 2013, his Twitter feed was taken over and began sending messages about quick-fix fat diets.

» SPAMfighter News - 2/25/2015