The website of the US television network NBC, NBC.com, has been hacked and the computers of visitors to it have been infected with malware. An NBC spokeswoman confirmed the incident in a statement to Huffington Post. According to various security researchers, a hacker had gained access to the site and then embedded malicious iFrames into the pages. On unprotected systems, a variant of the Citadel Trojan, used for banking fraud and espionage, is installed.
The NBC spokeswoman said that the site had been cleaned up, no user information had been compromised and that “users who go on there now are safe”. However, according to a detailed explanation by SurfRight, the NBC site and associated sites such as latenightwithjimmyfallon.com and jaylenosgarage.com were also infected and were serving up Java and PDF exploits for older versions of Java and Reader as part of their attacks on visitors to the websites.
As a reaction to the hack, Facebook is reported to have blocked links to NBC.com from its social network and was warning users of content it had been labeling as “abusive” on the site, according to CNet. Both Google’s Chrome browser and Bit.ly also warned users when they attempted to visit NBC.com; both blocks have now been lifted.
