Naked Chef’s users are exposed… to malware… again!

Next story

Jamie Oliver, esteemed celebrity chef who saved a generation of school children from the perils of turkey twisters, has been serving up raw malware via his website. The scary thing: it isn’t the first time.

If you’re a fan of food, TV chefs or internet security then you’re probably aware of the Jamie Oliver saga thus far. If you’re not then here’s a quick primer:

Back in February Malwarebytes reported that Jamie’s website had been compromised and was serving up malware to its 10 million monthly visitors. It turns out that it had been doing so since December 2014.

Not long after Jamie’s web techs reported that the problem had been fixed… or so they thought! In March the website was found to be exposing its users to very similar malware once again.

Oh dear, oh dear. Not to worry though, Jamie’s techies reported the website secure not long afterwards… but that doesn’t seem to be the case.

 

The turn of the screw


That leads us up to this week, when once again Malwarebytes has reported that Jamie Oliver’s website is dishing out some rather tasteless malware.

Mark James, ESET security specialist, lets us know why Jamie’s website is such a ripe target and who’s to blame for its repeated failings.

“Well technically it’s the team in charge of Jamie Oliver’s website, but he should be using his influence and money to ensure its resolved and does not happen again.

“It’s his name thus ultimately his responsibility to take, it’s easy to blame the IT staff but he will be in charge of funding and making sure the correct people are dealing with the issue.”

Another issue is that Jamie has yet to warn his loyal users of the potential danger of browsing his website, as IT security expert Graham Cluley points out. Why target Jamie’s website Mark?

“The shear amount of click traffic traveling through a high profile “TV” personality website is a very attractive prospect for malware authors and distributors.

“When websites offer information, advice, recipes and much more and then couple that with a very successful and seemingly likeable person you have a great opportunity to keep your fan base coming back again and again to the website.”

Once again it comes down to the trust factor: you expect malware from a dodgy website promising you a Russian bride; you don’t expect it from your favourite cheeky chappy chef, therefore you’re more likely to trust what you see or not be as vigilant.

 

Certainly no Fiesta

 

What were visitors to Jaime’s website potentially being exposed to?

“The actual malware was delivered through the Fiesta exploit kit, browsing any page on his website will trigger a redirection chain to a third party compromised website via a bit.ly link, that website will attempt to infect you with malware and or various exploits.”

Nasty and certainly something that you’d expect the public to be warned about from the horse’s mouth. How can users defend themselves?

“As for defending against it your best advice is to avoid the website with 2 previous infections and now a third, its plain they have not learnt how to protect not only themselves but you, the public.

“If you really do want to go there then make sure you have good multi layered protection that updates regularly and protects you from multiple means of attack.”

Frankly until we can be sure that they have fixed their problems and Jaime has addressed his fan base on the subject I’d avoid it: even delicious meatballs aren’t worth the risk. What are the next steps for Jaime’s IT team?

“Well they need to address the most common problem with infected websites, often people remove the result of the infection but fail to find and remove the cause.

Backdoors or hidden code may be present allowing the malware to re-infect after you have cleaned it.

“They also may have their Admin, FTP, or SSH passwords compromised, changing these should have been the first item on the list when it happened initially.

“Check to ensure they are not using vulnerable software, keeping the core components of your website up to date is very important indeed.”

Join the ESET UK LinkedIn Group and stay up to date with the blog.

Have you fallen victim to any of the Jaime Oliver website malware?