Webmasters had to purge the website of former Beatle Paul McCartney after hackers planted malware.

The timing of the attack coincided with a reunion gig between McCartney and Ringo Starr at the David Lynch fundraiser concert in New York on Saturday. Hackers used the occasion, the duo's first joint performance in seven years, and the heightened attention it brought to McCartney's website to upload the crimeware toolkits, LuckySploit, onto the site.

ScanSafe links the attack to a string of malware-related phishing scams involving the compromise of online banking accounts and powered by the Zeus botnet.

PaulMccartney.com has since been cleansed of infection, ScanSafe reported on Tuesday. More technical details on the attack can be found here. ®

Related stories

• Trojan plunders $480k from online bank account (14 October 2009)
• World's nastiest trojan fools AV software (18 September 2009)
• Seeking web security, exploit operators prefer Firefox (21 August 2009)
• US bank deposits checks via iPhone camera (10 August 2009)
• New script outstrips all other drive-by download risks (15 May 2009)
• Viral web infection siphons ad dollars from Google (14 May 2009)
• RSA Security maven sics 'special ops' on botnet gangs (24 April 2009)
• Unpatched web vulns turn internet into drive-by warzone (3 February 2009)
• Indian embassy website hack part of wider assault (29 January 2009)
• Easy updates best for browser patching (27 January 2009)
• 'Legit' website compromises reach epidemic proportions (5 June 2008)
• Hackers seed malware on Indian anti-virus site (8 February 2008)
• Hacked embassy websites found pushing malware (23 January 2008)
• Mass web infection leaves researcher scratching her head (11 January 2008)
• Hackers turn Cleveland into malware server (8 January 2008)
• Indian police academy hosts phishing site (9 October 2007)