Last Thursday, all websites associated with the US broadcaster NBC were hacked for several hours. The hackers intended to serve malicious software that would give them access to people’s bank account details. On its technology blog, NBC stated:
We’ve identified the problem and are working to resolve it. No user information has been compromised.
Sites like NBC’s are common targets for cyber criminals because of their high volume of visitors, which offers a chance to infect many people in a short period of time.
Citadel and ZeroAccess: What You Need to Know
A number of computer security companies said that the main NBC website was modified to serve up an iframe. An iframe is a way to load content into a web page from another domain. In this case, the iframe loaded an exploit kit called RedKit, which checks whether a site visitor is running unpatched software. This kind of attack is called a “drive-by download,” and it can infect a computer when a user merely views a website.
Following the attack, Google temporarily blacklisted NBC’s website, while Facebook stopped directing its users to NBC.com. Prior to this, there were reports about a long-running hacking campaign against US corporations that is allegedly based in Shanghai, China. However, that campaign did not immediately appear to be connected with the problems at NBC.
In addition, computer security firm SurfRight posted on its official blog that the malicious program on NBC’s site loaded exploits that search for vulnerabilities in Oracle’s Java programming framework, as well as in Adobe’s PDF products. If the attack is successful, either Citadel or ZeroAccess will be delivered to the infected PC.
Citadel is a Trojan used by hackers to collect sensitive account information from large banks such as Bank of America and Wells Fargo. ZeroAccess, on the other hand, is an advanced rootkit that hides at a low level in a computer’s operating system.