Sign in / up

back to article NBC.com HACKED to spread bank account-raiding Trojan

The website of US TV network ‪NBC‬ was hacked to deliver Java and PDF exploits. The attack against NBC.com - which hosts entertainment and TV content - used a cybercrime toolkit called Redkit that was ultimately aimed at delivering Citadel, a banking Trojan. NBC acted promptly to cleaned up its promotional site, admitting the …

COMMENTS

House rules Send corrections
This topic is closed for new posts.
  1. Silverburn

    NBC.com - which hosts entertainment

    It does??? I suppose some of the political commentators are hilarious.

    0 2
  2. Darkone

    NBC.com.. so popular in the states that the first person to notice the malware... was in the netherlands...

    4 0
  3. Anonymous Coward
    Anonymous Coward

    No user information was compromised, but it was a multi-exploit-using exploit kit?

    Nice twisting the truth, NBC. Your databases might not have been compromised, but users probably were.

    0 0
    1. Robert Helpmann??
      Reply Icon
      Childcatcher

      No user information was compromised

      You say "twisting the truth," they say "giving it a positive spin." In other news, war rages on in various parts of the world, but no animal testing was done in its production.

      0 0
    2. TXITMAN
      Reply Icon

      Nothing to see here move along

      No children were in danger, there was never a threat of radiation leakage, no need to evacuate the Internet...

      1 0
  4. Dunhill
    Devil

    they forgot to cleanup after this ??

    By M. Alex Johnson Reporter

    NBC News

    updated 7/16/2012 4:07:32 PM ET

    REDMOND, Wash. — NBC News has acquired full control of msnbc.com and its digital network from Microsoft Corp. and is immediately rebranding the site as NBCNews.com.

    0 0
    1. ecofeco Silver badge
      Reply Icon
      FAIL

      Re: they forgot to cleanup after this ??

      ...and Comcast just bought out the remaining shares from GE and now pwns NBC.

      Wait! Now I get it!

      0 0
  5. Anonymous Coward
    Linux

    RedKit Exploit Kit ..

    To deliver the malware, RedKit exploits two popular bugs:

    1.) The Adobe Acrobat and Reader LibTIFF vulnerability (CVE-2010-0188).

    2.) The Java AtomicReferenceArray vulnerability (CVE-2012-0507), lately used by the criminals behind the massive Flashback infection.

    1 0
    1. gollux
      Reply Icon
      Mushroom

      Re: RedKit Exploit Kit ..

      So basically one Adobe PDF Reader vulnerability that was patched two years ago and one Smoking Piece o'Java that was patched last year.

      Despite Oracle Slagware being a torture hole of demonic spew, if you'd kept it patched to the latest vulnerable version, you would still have missed out on joining the trojanfest. Nice to know that keeping the patches up had some little use and wasn't totally a Sisyphean task heading towards Pyrrhic Victory.

      0 0
  6. ecofeco Silver badge
    FAIL

    "No user information has been compromised"

    Sure, they weren't. We beleive you.

    You should use this as the title of your next comedy show.

    0 0
This topic is closed for new posts.