NBC.com Visitors Exposed to Malicious Software

According to reports, NBC.com was hacked late last week. The hackers bypassed security and then spread malicious software designed to steal bank account information from site visitors.

It wasn't just the main NBC.com site that was affected, either. Reports indicate that sub-sites, including sites dedicated to the Jimmy Fallon and Jay Leno late night shows, were also affected by the hack.

Security experts say that hackers modified the NBC.com site so that it would serve up an 'iframe,' which is a method of adding content to a site from a distant domain.

In this case, the iframe effectively uploaded a malicious software kit known as 'Redkit.' California-based security firm Securi says Redkit was then used to upload malicious software to any website visitor whose system was vulnerable to attack.

Adobe, Java Flaws Sought Out by Hackers

Security company SurfRight says that the hackers sought out flaws in both Oracle's Java programming framework and Adobe's software products.

Those companies have since updated their software, but there's no doubt that many web users have failed to apply the fixes.

Once Google detected the problem it temporarily blacklisted NBC's website. Facebook did the same. (Source: networkworld.com)

Systems Infected with 'Citadel' Trojan

So, what happens if a system is infected? Victims could find their computers laced with either the 'Citadel' or 'ZeroAccess' malicious software.

Less is known about the latter, but Citadel can be used by a hacker to steal personal data, including banking information.

Even more concerning is a report which reveals that VirusTotal -- a site dedicated to testing for the presence of malicious software -- cannot detect Citadel on a consistent basis.

NBC, which has since fixed the problem and resumed normal operations, says that, to the best of its knowledge, no user information was lost as a result of the hack. (Source: cnet.com)