NBC.com hacked, serving up Citadel malware

[м¢ℓσνιη]

The latest high-profile organisation to fall victim to cybercriminals is the National Broadcasting Company (NBC), one of the so-called Big Three television networks in the USA.

NBC's website was "owned" and used as a go-between in a campaign to infect online visitors automatically.

Fortunately, the malevolent content on the site was up only briefly, limiting the harm that was done.

But researchers at Dutch security company SurfRight managed to grab samples of some of the malware on offer during this time.

→ The samples acquired during the NBC infection aren't necessarily a complete manifest of the malware that was disseminated. The crooks can vary what is served up by their attack sites based on many factors, such as browser type, operating system, your location, the time of day and more.

Here's roughly how the attack played out, and how NBC got sucked into the equation:

• NBC's hacked pages were altered to add some malicious JavaScript that ran in your browser.
• The JavaScript injected an additional HTML component known as an IFRAME (inline frame) into the web page.
• The IFRAME sucked in further malicious content from websites infected with an exploit kit known as RedKit.
• The exploit kit delivered one of two exploit files to try to take control over your browser via a Java vulnerability or a PDF bug.
• If the exploit worked on your computer, financially-related crimeware from the Citadel or ZeroAccess families was installed.

Read more: http://nakedsecurity.sophos.com/2013/02/22/nbc-website-hacked-and-distributes-malware/

 

[Cesar]

I am no computer wiz but that has to be some serious stuff right there!
gets me to wonder.. will USA come about being attacked cyberly?

 

[м¢ℓσνιη]

The hack, which affected NBC.com and related sites for "Late Night with Jimmy Fallon" and "Jay Leno's Garage," infected visitors to the compromised sites with the Citadel Trojan. The potent strain of malware is used for cyberespionage and to steal bank account information.
Infecting computers with malware when they navigate to a website is called a "drive-by download," and cybersecurity experts say it's a growing -- and terrifying -- attack technique. Users who are simply surfing the Web can unwittingly stumble upon a hacked website, which may look completely normal.

Source: http://money.cnn.com/2013/02/22/technology/security/nbc-com-hacked-malware/index.html?iid=SF_T_MPM

 

[Cesar]

wow! so you're saying If facebook got hacked by that it would appear as it is now?

 

[Doug]

lolololol yea I saw someone talking about this on a site I use