It’s no surprise to see celebrities and corporate companies getting hit with malware attacks – cyber criminals often aim for those with the deepest pockets and the most to lose, which usually points them squarely at anyone with a public profile. A few weeks ago it was chef Jamie Oliver whose website was infected with malware that was redirecting site visitors to an exploit kit. Given that the site has around 10 million visitors every month this was a pretty big deal. Oliver’s people responded quickly to correct the problem and issued a statement saying that the malware had been dealt with and the site was safe to use.
All pukka right? Well no, as three weeks later Malwarebytes, which is a company that makes security software and first discovered the issue with Oliver’s site, found that – far from being clean of malware – the site was now serving up digitally signed malware. The malware in question is called Dorkbot.ED and is designed to watch what someone using a compromised computer does while online. It blocks security updates and helps itself to copies of logins and passwords and can use the compromised computer as a way to attack others. Anyone who visited the site via Internet Explorer – and did not have up to date Java and Flash plugins – could well find themselves infected.
There has been some criticism of Oliver’s team who, many suspect, simply did not deal properly with the issues, despite the reassurances they provided. A representative from Malwarebytes said, “It is indeed quite common for a hacked server to retain malicious shells or backdoors that keep on re-infecting the site.” For those of us – including the celebrity chef and his team – this is a stark reminder of just how insidious and tenacious malware can really be and how important it is to introduce real, effective measures against it.