Jamie Oliver’s site serves up a tasty slice of malware

Food Header

The official site of TV chef Jamie Oliver, which sees an average of 10m visits per month, has been compromised by hackers serving malicious files to visitors which could take control of their computers.

JamieOliver.com, which is ranked number 538 in the UK according to analytics firm Alexa, was hacked into by criminals, either through a compromised plugin used by Oliver’s site or through stolen login details for the site.

The attack was spotted by security firm Malware Bytes, which alerted Oliver’s site operators. The site appears to have since been cleaned of the malicious files.

Visitors were shown another website embedded directly into the site, which attacked their computers through bugs in Flash, Microsoft’s Silverlight and Java.

If successful, the attackers then installed malware on to the users’ computers, leading to the installation of more malicious software.

The attackers could then use the computer to launch further attacks as part of a botnet, steal data and send spam, among other uses. It is not known how many users fell victim to the attacks.

“It all started with a compromised JavaScript hosted on jamieoliver.com. It could be a legitimate script that has been injected with additional content or a rogue script altogether,” explained senior security researcher Jérôme Segura. “The webmasters will need to look for additional evidence of infection, rather than simply restore or delete the offending script.

“Contrary to most web-borne exploits we see lately, this one was not the result of a malicious ad (malvertising) but rather a carefully and well hidden malicious injection in the site itself,” said Segura.

Carl Leonard, principal security researcher at Websense, said: “The code can come back at any moment if webmasters are not prepared. If end users are browsing to such sites, companies need to ensure … that threats hosted on the far-reaching corners of the web are stopped in their tracks.”

A spokesperson for the Jamie Oliver group told the Guardian: “The team at jamieoliver.com found a low level malware problem and dealt with it quickly. The site is now safe to use. We have had only a handful of comments from users over the last couple of days, and no-one has reported any serious issues. The team is confident that no data has been compromised in this incident but if anyone is worried, do please use the contact form on the site.”

“We apologise to anyone who was at all worried after going on the site.”

Powered by Guardian.co.ukThis article was written by Samuel Gibbs, for theguardian.com on Wednesday 18th February 2015 12.27 Europe/Londonguardian.co.uk © Guardian News and Media Limited 2010