NBC.com Compromised, Hackers Exploited The Website to Spread Malware

NBC.com Compromised, Hackers Exploited The Website to Spread Malware

The month of February is still going from bad to worse for the cyber domain, in this very month cyber criminals swallowed the security system of many giant companies like Facebook, Twitter, Apple, New York Times and many more. But the game is not over yet, as we have just passed a few weeks, when the attack on NY Times took place, which stolen the employ database; yet again the cyber criminals have targeted another media giant National Broadcasting Company widely known as NBC. During the attack, hackers have successfully gain access inside the server of NBC and planted malware, in order to harm innocent readers. Famous security expert and blogger Brian Krebs said that the hackers inserted code into the NBC.com homepage. This caused visiting browsers to load pages from third-party sites that were compromised. While explaining the nature of the attacker, Krebs said; "The compromised sites tried to foist the Citadel Trojan, a variant of the Zeus Trojan." The Zeus is a "sophisticated data theft tool that steals passwords and allows attackers to control machines remotely" he added. Not only the NBC’s home page, also several others were affected, including the pages of late night talk show hosts Jay Leno and Jimmy Fallon. Well known security firm Sophos explained how roughly attack played out, and how NBC got sucked into the equation:
  • NBC's hacked pages were altered to add some malicious JavaScript that ran in your browser.
  • The JavaScript injected an additional HTML component known as an IFRAME (inline frame) into the web page.
  • The IFRAME sucked in further malicious content from websites infected with an exploit kit known as RedKit.
  • The exploit kit delivered one of two exploit files to try to take control over your browser via a Java vulnerability or a PDF bug.
  • If the exploit worked on your computer, financially-related crimeware from the Citadel or ZeroAccess families was installed.
This, of course, is an example of a dreaded drive-by download, where the crooks use a cascade of tricks to download, install and execute software without going through any of the warnings or confirmation dialog you might expect. This, in turn, means that even if you are a careful and well-informed user, you may end up in trouble, since there are no obvious signs that you are doing anything risky, or even unexpected.
As soon as this story get spotted the American commercial broadcasting television network, NBC News reported and confirmed that its site had been attacked. The broadcaster released the following statement regarding the website: "We've identified the problem and are working to resolve it. No user information has been compromised."
The emergency response team immediately take the situation under control and restored the website, and confirmed that the site is back again and completely safe for its visitors. But so far there is no evidence of attackers who were involved in this attack. For the safety of VOGH readers we would like to recommend you to update your operating systems and browser plugins. Also note that the attack on NBC was similar to many that have occurred in recent years in that the malicious sites tried to exploit vulnerabilities in Java. So it will better to disable Java, unless it is that much necessary. So stay tuned with VOGH and be safe in the cyber domain. 






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

LINK TO OUR HOME PAGE :
Voice Of GREYHAT is a non-profit Organization propagating news specifically related with Cyber security threats, Hacking threads and issues from all over the spectrum. The news provided by us on this site is gathered from various Re-Sources. if any person have some FAQ's in their mind they can Contact Us. Also you can read our Privacy Policy for more info. Thank You ! -Team VOGH
If you enjoyed VOGH News, Articles Then Do Make sure you to Subscribe Our RSS feed. Stay Tuned with VOGH and get Updated about Cyber Security News, Hacking Threads and Lots More. All our Articles and Updates will directly be sent to Your Inbox. Thank You! -Team VOGH

Related Posts Plugin for WordPress, Blogger...