Paul McCartney's website hacked to distribute malware

Share this article:
The official website for former Beatle Paul McCartney was compromised to infect users through drive-by downloads.

The site was attacked by the LuckySploit toolkit, according to web security firm ScanSafe, which discovered the hack. The toolkit was recently updated to include a set of HTML files that contain obfuscated and malicious JavaScript code, according to NoVirusThanks.org, a computer security website.

ScanSafe said in a statement that its researchers discovered the infection on Saturday, the same day McCartney reunited on stage with Ringo Starr for the first time in years. The toolkit was hidden behind an invisible frame on the site. When users visited, their machines were hit with an exploit that downloaded a rootkit.

Once the rootkit is installed "behind the scenes" on the victim's computer, thieves could steal personal information, such as credit card details and login credentials, according to ScanSafe.

"Once your computer is infected with a rootkit, none of your personal information is safe," said Spencer Parker, director of product management for ScanSafe, in a statement. "This is an extremely attractive target for cybercriminals given the level of attention McCartney is receiving at this moment.

McCartney's site quickly was fixed, according to ScanSafe. It is unclear how many users were compromised.

A representative for the musician could not be reached for comment on Tuesday.

According to Websense's most recent "State of Internet Security Report," 77 percent of websites containing malicious code are legitimate sites that were exploited by cybercrooks.
Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in News

Sign up to our newsletters

TOP COMMENTS

More in News

Millenials improve security habits, more interested in cyber careers, still need guidance

Millenials improve security habits, more interested in cyber ...

Raytheon's second annual survey on the online and security behavior of Millennials shows improvement but still a long way to go.

Pakistani man indicted over spyware app creation

Hammad Akbar created StealthGenie, which allowed the purchaser to secretly monitor a cell phone's communications.

FDA finalizes guidelines on medical device, patient data security

The recommendations are aimed at providing better protecting patient health and data, as well as hoping device manufacturers take into account cybersecurity risks in the early stages of development.