NBC.com Was Infected; Facebook, Google Blocked Access

And the hack-a-thon continues, as NBC.com has become the latest to be infected with malicious software. The first report actually stemmed from Facebook Thursday afternoon, as the social network began blocking access to NBC's website after it was reported as "abusive". Google also blacklisted the site.

After reports began to surface, several security bloggers confirmed the infection, advising web surfers to steer clear of the infected website. Those who already visited may have suffered a drive-by-download attack delivering the Citadel Trojan. In a drive-by download, software is downloaded to the hard drive simply by loading the webpage. This Trojan is typically used in banking fraud and… wait for it… cyber-espionage.

According to Sucuri, affected websites included Late Night with Jimmy Fallon, Jay Leno's Garage and other NBC-based websites. "Anyone that visits the site (which includes any sub-page) will have malicious iframes loaded as well redirecting the user to exploit kits (Redkit)," the blog stated.

The HitmanPro blog added that there were two exploit links on the NBC website, one of which was on the main default (entry) page. Both served up Java and PDF exploits which dropped the Citadel Trojan on the unsuspecting visitor. Two Trojans were actually detected, which communicated with two separate servers.

Some of the victims have also been infected with the ZeroAccess malware, HitmanPro said. Symantec describes this as a Trojan that uses an advanced rootkit to hide itself. It can also create a hidden file system, download more malware, and open a back door on a compromised computer. It's called ZeroAccess due to a string found in the kernel driver code.

By 4pm EST, NBC reportedly cleaned up its mess. "Users who go there now are safe," an NBC spokeswoman told The Huffington Post. Indeed, pulling up NBC.com in a web browser no longer triggers a Trojan warning.

NBC is just one of many sites that have suffered hacks over the last few months. The Wall Street Journal, The New York Times and The Washington Post have pointed fingers at China whereas Facebook, Twitter and Apple have remained quiet on the possible source. This string of hacks is a perfect example of why readers should always keep everything up-to-date including Windows, Java, Adobe, browser and anti-virus products.

 

11 comments
    Top Comments
  • A Bad Day
    Patch a hole...

    They find another.

    Patch that hole...

    They find another.

    A very serious game of whack-a-mole...
    19
  • Other Comments
  • hoofhearted
    Can't say I am sorry to see this happen to them.
    3
  • f-14
    A Bad Day: Patch a hole... They find another. Patch that hole... They find another. A very serious game of whack-a-mole...

    reminds me more of the Department Of Transportation. adobe/oracle can't ever do anything right the first time.

    anon has been helping the commies in retaliation for the USA's involvement in TPPA
    -9