Paul McCartney's website hacked to distribute malware
The official website for former Beatle Paul McCartney was compromised to infect users through drive-by downloads.The site was attacked by the LuckySploit toolkit, according to web security firm ScanSafe, which discovered the hack. The toolkit was recently updated to include a set of HTML files that contain obfuscated and malicious JavaScript code, according to NoVirusThanks.org, a computer security website.
ScanSafe said in a statement that its researchers discovered the infection on Saturday, the same day McCartney reunited on stage with Ringo Starr for the first time in years. The toolkit was hidden behind an invisible frame on the site. When users visited, their machines were hit with an exploit that downloaded a rootkit.
Once the rootkit is installed "behind the scenes" on the victim's computer, thieves could steal personal information, such as credit card details and login credentials, according to ScanSafe.
"Once your computer is infected with a rootkit, none of your personal information is safe," said Spencer Parker, director of product management for ScanSafe, in a statement. "This is an extremely attractive target for cybercriminals given the level of attention McCartney is receiving at this moment.
McCartney's site quickly was fixed, according to ScanSafe. It is unclear how many users were compromised.
A representative for the musician could not be reached for comment on Tuesday.
According to Websense's most recent "State of Internet Security Report," 77 percent of websites containing malicious code are legitimate sites that were exploited by cybercrooks.
