NBC.com and Associated Sites Hacked and Serving Citadel Malware -UPDATES: Google, Facebook Blocking NBC Links
A Twitter tip (@zrotech) has us on to the breaking news of NBC.com being hacked and serving up Citadel malware.
A quick search turned up the following information on the Hitman Pro blog –
It serves both Java (CVE-2013-0422) and PDF exploits. The exploit drops the Citadel Trojan which is used for banking fraud and cyber-espionage. The Citadel malware communicates with the following server, which is already sinkholed:
hxxp://184.82.177.125/tr2002/file.php
hxxp://184.82.177.125/tr2102/file.phpAn hour later the attack pages were swapped, which means the cyber criminals still have access to NBC’s pages, (my emphasis) linking to e.g.:
hxxp://moi-npovye-sploett.com/qqqq/1.php
hxxp://nikweinstein.com/cl/google.php
hxxp://walterjeffers.com/ctuk.html
hxxp://barbecuechickenrecipes.org/ctuk.htm
Banking fraud and cyber espionage are giant threats in the world of malware. With all the news recently of Twitter, Facebook, and Apple getting hacked, it is interesting that this big of an exploit has come up in the recent wake of those stories. There have been accusations of a Chinese military-sponsored effort behind the biggest and most sophisticated cyber-attacks against this country. We’ll update with all details as they become available. In the meantime, don’t visit NBC.com if you can help it.
Update – The same source reports that Facebook is blocking links to NBC.com
UPDATE 2 –
Reports are coming in that this of course affects not only NBC’s subsites, but other sites like JayLenosGarage and Late Night with Jimmy Fallon. Google is also reportedly blacklisting all NBC sites, which I have tested but haven’t seen yet.
Last Update – There are reports that the malware is no longer active and has been removed from the sites. We’ll have a wrap-up on everything we can find out – what happened, how you can protect yourself and more as soon as possible.
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU