By Kevin Rawlinson
Jamie Oliver’s website was affected by a “malware problem”, a spokesman for the celebrity chef has acknowledged.
Malicious code sought to exploit vulnerabilities in users’ systems and install malware, researchers found.
If installed, that malware could give hackers control of users’ computers, said one security consultant.
A spokesman for the Jamie Oliver Group played down the seriousness of the problem and told the BBC that it had been fixed.
According to Malwarebytes, unknown hackers either broke into Mr Oliver’s site and placed malicious code there, or exploited existing code.
The script would direct unsuspecting users to a WordPress site that hosted yet more malicious code. That would then run an exploit kit that would seek to find vulnerabilities in any user’s system and install malware called Dorkbot.
Online security consultant Graham Cluley said the hackers could then gain control of a user’s system and direct fake searches.
“In other words, you may think you’re googling but, in fact, you are being redirected against your will to search results that earn the attackers affiliate cash,” he told the BBC.
“In addition, you may find that you are tricked into installing bogus security updates on your computer or told to ring what is claimed to be technical support – although you would actually be speaking to scammers after your credit card details.”
According to a spokesman for Jamie Oliver, only 10 users had written to the site about the issue in the past couple of days.
He said that a “low-level malware problem” was identified and dealt with and that the site was now “safe to use”.
The spokesman added: “The Jamie Oliver website is regularly checked for vulnerabilities by both our in-house team and an independent third party, and they quickly deal with anything that is found.
“The team is confident that no data has been compromised in this incident, but if anyone is worried do please use the contact form on the site.
“We apologise to anyone who was at all worried after going on the site.”
The spokesman confirmed that existing code on the site was modified by a hacker, but said the website team was still trying to work out when that had happened.
The celebrity chef’s site has 10 million visitors per month and is ranked 515th in Britain, according to an analyst.
Mr Cluley said that its sheer popularity made the problem “serious”.
He said: “Users would hope that there was tight security in place on the website to prevent this kind of attack from happening – but it appears that things went badly wrong on this occasion.”
Jerome Segura, of Malwarebytes, uncovered the issue. He said that, during tests, the malware sought to exploit Adobe Flash, Microsoft Silverlight and Oracle Java.
Mr Cluley advised users to run up-to-date antivirus software and the latest patches to secure applications.
He added that users should avoid running their computers with admin privileges, “as this is more attractive for attackers”.
Recommended article: Chomsky: We Are All – Fill in the Blank.
This entry passed through the Full-Text RSS service – if this is your content and you’re reading it on someone else’s site, please read the FAQ at fivefilters.org/content-only/faq.php#publishers.