NBC Confirms Hack of NBC.com
Citadel Trojan that Plagued U.S. Banks Found on the WebsiteA blog posted on the website of NBC News says the network's main entertainment website, NBC.com, was hacked on Feb. 21.
See Also: Gartner Market Guide for DFIR Retainer Services
Wilson Rothman, technology and science editor at NBC News Digital, in a blog reported that security researchers warned Web users against visiting NBC.com, saying that hackers added links to malware on the site. Google's Chrome browser and others detected the threats and deterred users from loading the pages.
NBC released the following statement regarding the website, which promotes the entertainment offerings of the TV network: "We've identified the problem and are working to resolve it. No user information has been compromised."
Ronald Prins, co-founder of the Dutch IT security firm Fox IT, says in a web posting that the NBC.com website links to the Redkit Exploit Kit that is spreading Citadel malware that has been targeting American financials institutions [see Citadel Trojan Moves Beyond Banks].
"It has been shown before (with Dutch news site nu.nl, for example, along with the recent incidents at the New York Times and Wall Street Journal), targeting media and news websites can vastly improve an attacker's chances of success," Prins writes. "Users presume these large organizations websites to be free from malware. If an attacker can gain access to these Web servers, they can use them to distribute malware to every visitor of that Web server."
Prins said the hackers exploited an iframe - coding that allows the embedding of another document with an HTML document - that then tries to download and execute a malicious JAR and PDF files.
Another report, from the blogger HitmanPro, says the exploit was discovered on several other websites, including one for the NBC program Late Night with Jimmy Fallon.
Rothman says the breach has no effect on NBC News Digital, which operates NBCNews.com, TODAY.com and other news-oriented sites.