Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security

Jamie Oliver's Website Serving Malware 125

jones_supa writes While routinely checking the latest exploited websites, Malwarebytes came across a strange infection pattern that seemed to start from the official site of British chef Jamie Oliver. Contrary to most web-borne exploits we see lately, this one was not the result of malicious advertising but rather carefully placed malicious JavaScript injection in the site itself. This, in turn, has been used to serve visitors a delicious meal consisting an exploit kit downloading the Dorkbot trojan. Malwarebytes has contacted the administrators immediately upon discovery of this infection.
This discussion has been archived. No new comments can be posted.

Jamie Oliver's Website Serving Malware

Comments Filter:
  • ...news @ 11...

  • This doesn't surprise me. I run modsecurity WAF and iptables, yes I know but iptables does the job for now, with custom rules and logging policies and it is amazing to see how many so called legitimate sites have been owned.

    I used to contact site admins and participate in exchanges of offending IPs but I gave up a long time ago to run my own countermeasure system.

    Boy we went a long way since the beginning with regards to that.

    • iptables does the job for now, with custom rules and logging policies and it is amazing to see how many so called legitimate sites have been owned

      Hmm so with iptables you can detect and block JS injections in a page...?

      • by ls671 ( 1122017 )

        yes but it is much easier to to it with mod_security, as mentioned in my OP, for my users and to make sure we ain't serving any.

    • One of the hosting companies I used a decade ago got hacked, causing every page to contain maláfare. I tried contacting them to get it fixed but nothing worked. I ended up having to switch hosting companies because of that problem. But I learned a good lesson. It's not a good idea to go with bargain basement hosting companies. I wonder if this is a similar issue.
      • by Lumpy ( 12016 )

        A lot of people hate GoDaddy for good reasons, but they do respond to that kind of stuff fast. I have had far more trouble with the little guys than the big behemoth.

  • I think that he's dancing somewhere right now.
  • by lippydude ( 3635849 ) on Thursday February 19, 2015 @02:31AM (#49085275)
    "Once executed, Worm:Win32/Dorkbot.A .. modifies the certain registry entry to execute the malicious file every time Windows is started" ref [tech-talks.com]
  • Is that with fries or rustic potatoes

Whoever dies with the most toys wins.

Working...