SecurityWorkspace

NBC Site Hacked To Serve Up Malware

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Thousands could have had malware from NBC site, security experts warn

Popular entertainment firm NBC has had its main website hacked to serve up malware. Other sites have blocked access to NBC, including Facebook, which was itself a victim of a malware attack this week.

Security researcher Ronald Prins of Fox-IT in the Netherlands warned about the compromise yesterday, whilst other researchers found two exploit links were resident on the NBC.com website. One of those malicious links was on the homepage.

NBC exploits

Cybersecurity, Hack © Anatema Shutterstock 2012“It serves both Java (CVE-2013-0422) and PDF exploits. The exploit drops the Citadel Trojan which is used for banking fraud and cyber-espionage,” read the HitmanPro blog.

“The attacks were carried out by the Redkit Exploit Kit…. Some of the victims have also been infected with the ZeroAccess malware after visiting NBC.com.

“The ZeroAccess malware moderates an affected user’s Internet experience by modifying search results, and generates pay-per-click advertising revenue for its controllers, the cybercriminals.

“An hour later the attack pages were swapped, which means the cyber criminals still have access to NBC’s pages.”

NBC, however, said it had identified the problem and was working to resolve it. “No user information has been compromised,” the company said.

Facebook is blocking links to NBC.com from the social network. A number of browsers also prevented users from visiting the site. Yet many may have been infected.

“Thousands of untold visitors were exposed to infection. Early indications are that the NBC.com site was in this infectious state for at least 24 hours,” said Stephen Cobb, security evangelist at ESET.

Are you a security expert? Try our quiz!