back to article NBC.com HACKED to spread bank account-raiding Trojan

The website of US TV network ‪NBC‬ was hacked to deliver Java and PDF exploits. The attack against NBC.com - which hosts entertainment and TV content - used a cybercrime toolkit called Redkit that was ultimately aimed at delivering Citadel, a banking Trojan. NBC acted promptly to cleaned up its promotional site, admitting the …

COMMENTS

This topic is closed for new posts.

NBC.com - which hosts entertainment

It does??? I suppose some of the political commentators are hilarious.

0
2

NBC.com.. so popular in the states that the first person to notice the malware... was in the netherlands...

4
0
Anonymous Coward

No user information was compromised, but it was a multi-exploit-using exploit kit?

Nice twisting the truth, NBC. Your databases might not have been compromised, but users probably were.

0
0
Bronze badge
Childcatcher

No user information was compromised

You say "twisting the truth," they say "giving it a positive spin." In other news, war rages on in various parts of the world, but no animal testing was done in its production.

0
0

Nothing to see here move along

No children were in danger, there was never a threat of radiation leakage, no need to evacuate the Internet...

1
0
Devil

they forgot to cleanup after this ??

By M. Alex Johnson Reporter

NBC News

updated 7/16/2012 4:07:32 PM ET

REDMOND, Wash. — NBC News has acquired full control of msnbc.com and its digital network from Microsoft Corp. and is immediately rebranding the site as NBCNews.com.

0
0
Silver badge
FAIL

Re: they forgot to cleanup after this ??

...and Comcast just bought out the remaining shares from GE and now pwns NBC.

Wait! Now I get it!

0
0
Linux

RedKit Exploit Kit ..

To deliver the malware, RedKit exploits two popular bugs:

1.) The Adobe Acrobat and Reader LibTIFF vulnerability (CVE-2010-0188).

2.) The Java AtomicReferenceArray vulnerability (CVE-2012-0507), lately used by the criminals behind the massive Flashback infection.

1
0
Mushroom

Re: RedKit Exploit Kit ..

So basically one Adobe PDF Reader vulnerability that was patched two years ago and one Smoking Piece o'Java that was patched last year.

Despite Oracle Slagware being a torture hole of demonic spew, if you'd kept it patched to the latest vulnerable version, you would still have missed out on joining the trojanfest. Nice to know that keeping the patches up had some little use and wasn't totally a Sisyphean task heading towards Pyrrhic Victory.

0
0
Silver badge
FAIL

"No user information has been compromised"

Sure, they weren't. We beleive you.

You should use this as the title of your next comedy show.

0
0
This topic is closed for new posts.

Forums