Jamie Oliver's ministry of malware served slops AGAIN

Chef cooks up evil code for the third time this year

Jamie Oliver

Celebrity chef, food activist and supermarket promoter Jamie Oliver's website has been compromised for the third time this year.

As with the previous two attacks, the WordPress site is serving up a password stealer, according to Malwarebytes, which hat-tipped Twitter account @hasherezade for the information.

Malwarebytes says the exploit kit looks similar to Gootkit, and at the time El Reg checked the site it seemed to have been flushed.

The malware was served by a bit.ly shortened link that redirected to the Fiesta exploit kit. This had been injected into all pages in the site. Fiesta then tried to infect the visitor with a Flash exploit, a Java exploit, and two payloads.

“Vulnerable systems will receive this dual payload which performs some fancy PowerShell footwork to lodge itself inside the registry,” the post says.

The shortened link injected into Jamie Oliver's site

Get your malware here: the bit.ly link that redirected visitors. Source: Malwarebytes

The popular TV chef suffered previous infections in February and March trying to get his tasty fanbase. ®


Biting the hand that feeds IT © 1998–2017