Earlier today, Ronald Prince sent out a tweet stating that NBC.com had been infected with malware and that users should avoid visiting. This prompted others to look into the issue, with HitmanPro and Sucuri both confirming the issue, stating that a trojan and exploit links were present. In light of this, NBC released a simple statement confirming the problem while assuring users that their information hadn’t been compromised.
Visting the website in Chrome would prompt it to block access, warning users of malware that could infect their computer. According to the folks over at HitmanPro, NBC’s main domain was serving visitors with the Java and PDF exploits and infecting with the Citadel trojan. This is the result of the RedKit Exploit Kit.
A little while later, Sucuri chimed in saying that it wasn’t only NBC.com that had be compromised, but also some of its other websites, including that of Jimmy Fallon and Jay Leno. Examples include the website’s Shows, Video, Schedule, Sports News, and Extras sub-pages, where it is reported that malicious iframes are loaded.
According to NBC, this attack has not affected its NBC News Digital, which includes NBCNews.com, where it confirmed the attack. NBC says that it has “identified the problem and [is] working to resolve it.” Visiting the website in Chrome and Firefox no longer returns any warnings, and some are reporting that the compromise was only present for about 15 minutes. Users who believe they were infected are encouraged to download and run a malware removal program.
[via NBC News]