Jamie Oliver website hacked, dishes up malware with sides
The website of celebrity chef Jamie Oliver has been hacked after cyber-criminals apparently injected malicious code onto the site.
Security researchers at Malwarebytes found the highly-obfuscated malicious script hidden towards the bottom of the webpages at jamieoliver.com, noting that this could have been a legitimate script injected with additional content or a rogue script altogether.
They say that the site was most likely compromised as a result of stolen credentials or a compromised website plug-in.
When web users visited jamieoliver.com, they would be redirected to a legitimate but compromised WordPress site where an exploit kit similar to Fiesta EK would attempt to run three exploits against Flash, Silverlight and Java on the user's machine. Users that were not fully-patched with these services would be compromised, and the hacker would then look to download the Dorkbot Trojan (also known as Win32/Boaxxe.BR and Trojan.Win32.Muref.cv), in order to hijack the PC and redirect search engine results.
This exploit kit would only be served once, and thus not to those returning visitors, while it also wouldn't target users operating VPNs.
Jamie Oliver's team are aware of the incident, and are conducting their own investigation into the matter. All malicious content has apparently been removed from the website, which is said to attract 10 million visitors per month.