Home / Vulnerability / NBC infected by Malware and unknowingly serving it to visitors for 24 hours

NBC infected by Malware and unknowingly serving it to visitors for 24 hours

The latest hack of the popular NBC news proves that you can be infected by a Malware by just visiting a reputable website.

A trojan “Citadel,” infected visitors of NBC.com, and related sites for “Late Night with Jimmy Fallon” and “Jay Leno’s Garage.” It appears to be having the same scheme of what happen to other larger websites, Twitter, Apple and Facebook.

ESET reported that the malware has been spotted first on February 20 at around 17:00 CET.

“The exploit is trying to download multiple files to victim machines. Not surprisingly these files are dubious in character,” ESET’s Stephen Cobb explained.

“One of the files being served up is a downloader called Win32/TrojanDownloader. Vespula.AY which, again not so surprising, attempts to download some more artifacts that are currently being analyzed. Other downloads are detected as

Trojan.JS/Exploit.Agent.NCX,” he continued.

A security researcher named Dancho Danchev, wrote in his blog post about the attack:

“The cybercriminals behind the campaign embedded invisible … elements on the main page, which they periodically rotated to prevent detection from security vendors and researchers,” Danchev said.

Fortunately, most of the security firms claimed that there customers were protected by threats after conducting analyzation.

In this time of writing, NBC.com has reported that the sites are now clean.

We would like to know your reactions at the comments below 😀

About Clifford Trigo

I am Clifford Trigo a proud Boholano / Pinoy / Filipino Web App Security Researcher. Day by day, I'm learning new things :)) Visit my Hackerone Profile, currently at top 2 overall :D