The official site for British chef, Jamie Oliver, was taken over by hackers and abused to redirect visitors to an exploit kit possibly infected hundreds of thousands.
Jamie Oliver is an English celebrity chef, restaurateur, cookbook author, and TV personality who operates his own food-focused television show which is widely popular among chefs and foodies around the world. Publishing several cookbooks, Oliver has also been working on a global campaign for better food education.
The site cybercriminals redirected Oliver’s site to was a legitimate WordPress site which had been compromised, performing redirects to the exploit kit. Visiting the same page twice did not direct visitors to the exploit kit twice, due to its filtration setup. The malware also focused heavily on filtering out VPN’s, requiring users to have a residential IP address to be redirected.
Too further cause issues, when the initial site had been hacked and redirected to the exploit kit only two out of the 57 commercial antiviruses picked up the malware. At the time of writing this article, VirusTotal reports that 27 out of the 57 now recognize the malware dropper.
Another noticeable issue with the malware is it hijacks and redirects search traffic, causing unwanted redirections, misleading users to install phony software on their system wreaking more havoc.
If you recently visited chef Jamie Oliver’s website searching for a recipe or similar, your machine may be infected with the malware dropper. The list of victims could be especially huge, seeing as Jamie Oliver’s website fathers over 10 million hits per month.
Jamie Oliver’s web team responded to the issue timely, telling Business insider the site was once again safe to visit. Oliver’s spokesperson said:
“The team at jamieoliver.com found a low level malware problem and dealt with it quickly. The site is now safe to use. We have had only a handful of comments from users over the last couple of days, and no-one has reported any serious issues. We apologise to anyone who was at all worried after going on the site. The Jamie Oliver website is regularly checked for vulnerabilities by both our in-house team and an independent third party and they quickly deal with anything that is found. The team is confident that no data has been compromised in this incident but if anyone is worried, do please use the contact form on the site.”