NBC's Website Was Infected; Facebook, Google Blocked Access

Source: Reuters

Here we go again.

And the hack-a-thon continues, as NBC's website has become the latest to be infected with malicious software. The first report actually stemmed from Facebook Thursday afternoon, as the social network began blocking access to NBC's website after it was reported as "abusive". Google also blacklisted the site.

After reports began to surface, several security bloggers confirmed the infection, advising web surfers to steer clear of the buggy website. Those who already visited may have suffered a drive-by-download attack using the Citadel Trojan, meaning software is downloaded to the hard drive simply by loading the webpage. This Trojan is typically used in banking fraud and… wait for it… cyber-espionage.

According to Sucuri, affected websites included Late Night with Jimmy Fallon, Jay Leno's Garage and other NBC-based websites. "Anyone that visits the site (which includes any sub-page) will have malicious iframes loaded as well redirecting the user to exploit kits (Redkit)," the blog stated.
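A defender-side check for the kind of injected iframe described above, as an added example that is not from the original article or the blogs it cites. It audits a page's HTML for iframes that point off an allowlist and flags the hidden ones first; the hosts, the allowlist and the sample HTML are constructed placeholders.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

class IframeAudit(HTMLParser):
    """Record every <iframe> whose resolved host is not on the allowlist."""
    def __init__(self, page_url, allowed_hosts):
        super().__init__()
        self.page_url = page_url
        self.allowed = {h.lower() for h in allowed_hosts}
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = {k: (v or "") for k, v in attrs}
        # Resolve relative and protocol-relative (//host/path) sources.
        src = urljoin(self.page_url, a.get("src", "").strip())
        host = (urlsplit(src).hostname or "").lower()
        style = a.get("style", "").replace(" ", "").lower()
        tiny = any(a.get(d, "").strip() in ("0", "1", "0px", "1px")
                   for d in ("width", "height"))
        hidden = tiny or "display:none" in style or "visibility:hidden" in style
        on_site = any(host == h or host.endswith("." + h) for h in self.allowed)
        if not on_site:
            self.findings.append({"src": src, "host": host, "hidden": hidden})

def audit_page(html, page_url, allowed_hosts):
    """Return off-allowlist iframes, hidden ones first (highest priority)."""
    parser = IframeAudit(page_url, allowed_hosts)
    parser.feed(html)
    parser.close()
    return sorted(parser.findings, key=lambda f: not f["hidden"])

# Constructed sample page: two legitimate frames, three off-allowlist ones.
PAGE_URL = "https://www.broadcaster.example/shows/"
ALLOWED = ["broadcaster.example", "partner.example"]
SAMPLE = """<html><body>
<iframe src="/video/player.html" width="640" height="360"></iframe>
<iframe src="https://player.partner.example/embed/1" width="640"></iframe>
<iframe src="https://widgets.other.example/poll" width="300" height="250"></iframe>
<iframe src="//cdn.unknown.invalid/a.html" width="1" height="1"></iframe>
<iframe src="http://stats.unknown.invalid/b.html" style="visibility: hidden"></iframe>
</body></html>"""

if __name__ == "__main__":
    for f in audit_page(SAMPLE, PAGE_URL, ALLOWED):
        print("HIDDEN " if f["hidden"] else "visible", f["host"], f["src"])
```

Run against every template and sub-page rather than only the entry page, since the injection reported here affected any sub-page of the site.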

The HitmanPro blog added that there were two exploit links on the NBC website, one of which was on the main default (entry) page. Both served up Java and PDF exploits which dropped the Citadel Trojan on the unsuspecting visitor. Two Trojans were actually detected, which communicated with two separate servers.

Some of the victims have also been infected with the ZeroAccess malware, HitmanPro said. Symantec describes this as a Trojan that uses an advanced rootkit to hide itself. It can also create a hidden file system, download more malware, and open a back door on a compromised computer. It's called ZeroAccess due to a string found in the kernel driver code.

By 4pm EST, NBC reportedly cleaned up its mess. "Users who go there now are safe," an NBC spokeswoman told The Huffington Post. Indeed, pulling up the site in a web browser no longer triggers a Trojan warning.

NBC is just one of many sites that have suffered hacks over the last few months. The Wall Street Journal, The New York Times and The Washington Post have pointed fingers at China whereas Facebook, Twitter and Apple have remained quiet on the possible source. This string of hacks is a perfect example of why readers should always keep everything up-to-date including Windows, Java, Adobe, browser and anti-virus products.


Top Comments
  • 19 Hide
    A Bad Day , February 21, 2013 10:47 PM
    Patch a hole...

    They find another.

    Patch that hole...

    They find another.

    A very serious game of whack-a-mole...
Other Comments
  • 3 Hide
    hoofhearted , February 21, 2013 10:43 PM
    Can't say I am sorry to see this happen to them.
  • -9 Hide
    f-14 , February 21, 2013 11:09 PM
    A Bad Day: "Patch a hole... They find another. Patch that hole... They find another. A very serious game of whack-a-mole..."

    reminds me more of the Department Of Transportation. adobe/oracle can't ever do anything right the first time.

    anon has been helping the commies in retaliation for the USA's involvement in TPPA
  • -5 Hide
    wannabepro , February 21, 2013 11:12 PM
    Probably the Chinese, again..
  • -3 Hide
    thecolorblue , February 22, 2013 12:00 AM
    wannabepro: "Probably the Chinese, again.."

    you've been brainwashed... FAIL
  • 4 Hide
    Kami3k , February 22, 2013 12:07 AM
    And I'll say it again, listen to your IT departments.....
  • -6 Hide
    Kami3k , February 22, 2013 12:07 AM
    thecolorblue: "you've been brainwashed... FAIL"

    Go back to, fool.
  • 6 Hide
    A Bad Day , February 22, 2013 12:10 AM
    Kami3k: "And I'll say it again, listen to your IT departments....."

    That's assuming you staffed your IT department with competent folks:

    The "security auditor" said this:

    "Strong cryptography only means the passwords must be encrypted while the user is inputting them but then they should be moved to a recoverable format for later use."
  • 2 Hide
    tokencode , February 22, 2013 12:39 AM
    I see increased IT and security budgets in the future.... all good stuff for the IT job market. These types of events all raise questions about outsourcing development and security as well.
  • 0 Hide
    g00fysmiley , February 22, 2013 11:21 AM
    java is just so... bad why do people still use it X.x at work i have to have it installed but on my home pc it is blissfully absent i get requested to install it often and every time decline, if your site requires java then i don't need to see what is on the site
  • 0 Hide
    teaser , February 22, 2013 12:07 PM
    for a moment I thought google were going the animal sacrifice know like apple