This article is more than 1 year old
Jamie Oliver's ministry of malware served slops AGAIN
Chef cooks up evil code for the third time this year
Celebrity chef, food activist and supermarket promoter Jamie Oliver's website has been compromised for the third time this year.
As with the previous two attacks, the WordPress site is serving up a password stealer, according to Malwarebytes, which hat-tipped Twitter account @hasherezade for the information.
Malwarebytes says the exploit kit looks similar to Gootkit, and at the time El Reg checked the site it seemed to have been flushed.
The malware was served by a bit.ly shortened link that redirected to the Fiesta exploit kit. This had been injected into all pages in the site. Fiesta then tried to infect the visitor with a Flash exploit, a Java exploit, and two payloads.
“Vulnerable systems will receive this dual payload which performs some fancy PowerShell footwork to lodge itself inside the registry,” the post says.
Get your malware here: the bit.ly link that redirected visitors. Source: Malwarebytes