back to article Prince of pop trash PerezHilton pwned, visitors hit with cryptxxx

Pop trash giant PerezHilton.com has served the world's most dangerous exploit kit to some of its 500,000 daily visitors. The site is home to Hollywood and celebrity news and has been pwned before under hugely successful malvertising campaigns using the dominant Angler exploit kit. Cyphort researcher Nick Bilogorskiy says the …

  1. nsld
    Paris Hilton

    Lawsuit?

    Got to be a class action opportunity for the lawyers in this.

    Popcorn.......

  2. Nevermind
    Holmes

    No poop Poirot

    And the advertising industry would rather cry about nasty people using ad-blockers, than deal with the security of the structure that allows malvertising.

    1. Prst. V.Jeltz Silver badge

      Re: No poop Poirot

      Is that really their job? surely the browser makers , and runtime people - java flash whatever , should be coming up with some way of properly sandboxing a webpage, and if thats too difficult (probly due to Adobe) then browsers should have an easy to use "safe mode" where all potential nasties are switched off.

      Problem is at the moment you switch that stuff off and nothing works - including things that dont need "that stuff" . so web developers should be taking some responsibility too.

      After all , its just conceivable that your drive by attack might not be dispensed by an advert , you might have actually strayed onto a malicious site, and that would bypass any number of 'best practice' rules the ad agencies cobbled up.

      1. Anonymous Coward
        Anonymous Coward

        Re: No poop Poirot

        Sandboxing is easy. I get a friend to read me the HTML over the phone.

        Sometimes I print the raw HTML and read it on the train home.

        Only base64 pisses me off. Its unreadable.

      2. Triggerfish

        Re: No poop Poirot

        Yes it is their job they are delivering the content.

        Sandbox would be nice, in a way you can get a similar effect I guess by running ad-block, no script etc, ok it's not a sandbox but it does act to prevent nasties running.

  3. Anonymous Coward
    Anonymous Coward

    I'm shocked! Ads are malware. Who would have thought?

  4. wolfetone Silver badge
    Coat

    Chat shit, get pwned

  5. Anonymous Coward
    Anonymous Coward

    The website owner is responsible

    Just because you chose to delegate some of your content to a third party, does not absolve you of responsibility when it turns out to be malware

    1. Voland's right hand Silver badge

      Re: The website owner is responsible

      That is yet to be proven in a court of law.

      When this happens it will be quite entertaining - especially the bribes and "friend of course" pushing which will be deployed by the usual suspects for the decision not to go against the site.

      1. Anonymous Coward
        Anonymous Coward

        Re: The website owner is responsible

        "That is yet to be proven in a court of law."

        What are you talking about?!

        If you connect to a URL that that's the web site that you are connecting to. I don't care if the back-end web page data comes from a static html page on your web server or a cast of bloody thousands supplying a stream of web analytics, advertising, tracking et al. ALL of it is the responsibility of the owner - if the owner is stupid enough to resell space on their web site for Ads that turn out to be malware, I'm coming after you as the site owner.

  6. Elmer Phud

    Flies round . . . .

    If you go to a site that spews out shite for you to take delight in other's plight . . .

  7. allthecoolshortnamesweretaken

    As this is PerezHilton.com - where is the downside?

    1. Fred Flintstone Gold badge

      As this is PerezHilton.com - where is the downside?

      Yes, it's got a win-win feeling about it :)

  8. Aodhhan

    Oh c'mon

    If you go to this guys website, you deserve this.

    Seriously though... anyone with a popular blog (or whatever you call this trash) should have enough brains to pay for a decent service which maintains credible security and has applications which don't rely on Flash, Java, etc. to make it "pretty".

    Just like businesses which continue to use WordPress to punch out web sites and then throw their arms up when it gets hacked into... you're going to get what you pay for and you wont learn until it happens.

    I'd like to see what the outcome is, if a class action lawsuit is brought up. Will definitely be more entertaining than Mr. Hilton's web site.

  9. Anonymous Coward
    Anonymous Coward

    Oh great...

    You don't even have to sleep with the whore to get a nasty disease from her? Just. Fekkin'. Great!

    Now I'll have to make my software vendors get a clean bill o' health from the clinic before I can let them in th' door!

  10. TeeCee Gold badge
    WTF?

    Now I'm confused.

    Normally I'm of the opinion that the sort of person who compromises sites to serve up malware should be nailed to the cross and have their goolies blowtorched.

    In this case I can't help thinking they should get an award for single-handedly raising the global index of good taste by a noticeable amount.....

  11. Anonymous Coward
    Anonymous Coward

    Hey

    Don't make fun of Perez, it's a perfectly good biblical name! ...unlike Paris.

    (seriously. Book of John, I think. Comes from the passage delineating the ancestry of Joseph or something like that).

    1. Don Pederson

      Re: Hey

      Matthew 1:3, Luke 3:33, plus in 30 verses in the Old Testament (courtesy of Logos 6).

  12. Ropewash

    I'm sure they have laws for this in place.

    If you run an imageboard and it gets flooded with childporn that you don't bother to remove it's your server the authorities are going to nick when they begin the investigations.

    Or witness the pirate bay getting their shit pinched just for having links to commercial content.

    Same could easily be applied here. You open up your website to shady adscammers and end up hosting digital herpes it's your door the jackboots should be kicking down first.

    For the rest of us there's adblock.

  13. Anonymous Coward
    Anonymous Coward

    Use ad block, save money and data?

    200 million users of ad block saved on average $110 and got protection against ransomware? Sounds like an advertisement those wanting to stop ad blocking would like to block.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019