CATEGORIES
home Leisure Social And Internet

NBC.com Hacked, Facebook Blocks NBC links as “Abusive”

by Jennifer JohnsonFriday, February 22, 2013, 12:31 PM EDT

Yesterday, NBC.com was hacked and the site was infected with malicious software. Several security experts advised users to avoid the site due to the fact that it had been compromised. Since many users presume large organizations such as NBC.com are free from malware, a hack such as this has the potential to reach a large number of people in a relatively short amount of time.

According to reports, an iframe on NBC's site loaded a webpage that attempted to download and execute malicious Java and PDF files. As the HitmanPro blog explains, "The exploit drops the Citadel Trojan which is used for banking fraud and cyber-espionage." The attacks were carried out using the RedKit Exploit Kit which is known to generate and rotate attack URLs every hour. According to Fox-it.com, the version of Citadel used in the attack is only recognizable by 3 out of the 46 antivirus programs on virustotal.com.

After visiting NBC.com, the HitmanPro blog notes some victims have been infected with the ZeroAccess malware. This malware modifies search results on a user's computer and generates pay-per-click ad revenue for the criminals.

It's been reported that other NBC-affiliated websites such as http://www.latenightwithjimmyfallon.com were also serving some of the same malicious links as NBC.com.

After discovering the hack, Facebook blocked users from accessing the NBC.com website through its site in an effort to help protect users from being infected. If a user attempted to share a URL from NBC.com, they would see an error message that read, "An error occurred while processing this request. Please try again later." If a user attempted to access a NBC link through Facebook a message stating, "This link has been reported as abusive" would appear. Users who attempted to visit NBC.com or one of its affected affiliate sites using Google Chrome or Firefox may have received warnings yesterday as well.

In a statement released yesterday NBC said, "We've identified the problem and are working to resolve it. No user information has been compromised." Late Thursday, NBC Universal said its website was safe to visit. An NBC spokeswoman who spoke with Reuters said she could not confirm whether users had been infected by visiting the site. NBC News claims NBC News Digital sites such as NBCNews.com and TODAY.com were unaffected by the attack.

Security researcher Dancho Danchev believes the cybercriminals behind the NBC.com attack are the same as those responsible for fake Facebook and Verizon Wireless emails that direct readers to infected Web pages. According to Danchev, the tactics used in the NBC.com attack as well as the sites that users were redirected to were similar to earlier attacks involving Facebook and Verizon Wireless. As Danchev put it, "Someone's multi-tasking. That's for sure."

TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment