Industry News

NBC Hack Leads to Bank-Fraud Malware

US news station NBC fell victim yesterday to cyber-criminals who managed to inject malicious code leading to financial malware delivered via exploit code.

Malware warning in Chrome when visiting the NBC website

The attack was carried via a malicious iframe injected in the home page of the website. The iframe was used to load malicious content from compromised websites where attackers had planted the Redkit exploit pack – a crimeware kit that probes the visitor’s browser for vulnerabilities in third-party components such as Java and Adobe Reader. If a vulnerable version is found, the exploit kit redirects the user to a Java applet or an infected PDF file that, once opened, silently installs the Citadel banker Trojan.

It’s unclear how many people were affected, but; judging by the traffic rank of the website, chances are it claimed quite a few victims. Fortunately, attackers lost many potential victims as the compromised websites hosting the Redkit exploit pack gave up under the unexpected load. 

We’ve identified the problem and are working to resolve it. No user information has been compromised,” NBC said in a statement.

If you visited website, run a 60-second QuickScan to see whether you got infected. If you have used e-banking services and noticed that the bank website asked for unusual information, contact the bank immediately.

About the author


Bogdan Botezatu is living his second childhood at Bitdefender as senior e-threat analyst. When he is not documenting sophisticated strains of malware or writing removal tools, he teaches extreme sports such as surfing the web without protection or rodeo with wild Trojan horses. He believes that most things in life can be beat with strong heuristics and that antimalware research is like working for a secret agency: you need to stay focused at all times, but you get all the glory when you catch the bad guys.

1 Comment

Click here to post a comment