back to article Jamie Oliver's ministry of malware served slops AGAIN

Celebrity chef, food activist and supermarket promoter Jamie Oliver's website has been compromised for the third time this year. As with the previous two attacks, the WordPress site is serving up a password stealer, according to Malwarebytes, which hat-tipped Twitter account @hasherezade for the information. Malwarebytes says …

  1. Robert Helpmann??
    Childcatcher

    Low-hanging Fruit

    Not really a stretch for black hats: attacking a WordPress site already known well publicized to be poorly maintained by its owners in order to distribute malware to Windows machines. What will they think of next? Sending email to victims in hopes that they will install the payloads themselves? Come on, bad guys! At last act like you're putting some effort into it.

    1. Wzrd1

      Re: Low-hanging Fruit

      Why stretch and exert oneself when the low hanging fruit is so common and reached by simply opening one's hand for it to fall into?

  2. This post has been deleted by its author

    1. RISC OS

      Yeah

      you think he could easily pay for it to be done properly, just the other day he was bragging that he has made 250 million, where as Ramsay is only worth 100 million.

      Seems he is too tight though to pay for real web support... I mean he's not a youtube chef, he's an internationally known chef and if he can't be bothered to spend money on his website in 2015 when the web is more than just a passing fad, it's his fault.

      1. wolfetone Silver badge

        Re: Yeah

        "Seems he is too tight though to pay for real web support... I mean he's not a youtube chef, he's an internationally known chef and if he can't be bothered to spend money on his website in 2015 when the web is more than just a passing fad, it's his fault."

        I wouldn't say he's being too tight. While he knows a fair bit more about cooking than I do, he won't know as much about the internet or websites than I do. For all we know, the company he has in place to build or maintain this website could have the single best contracts manager ever known to man.

        Jamie: "What the hell is going on? What's this about the website being hacked again?"*

        Company: "We are just as shocked as you. We have the best people looking at this and we'll sort it out"

        Jamie: "You said that last time! Don't you know what this is doing to my credability?"

        Company: "I understand Mr.Oliver, but these people are persistent. You have my word that we are doing everything we can to stop this. But I tell you what, why don't, as a gesture of goodwill, do extra work on the site? For free?"

        Jamie: *Thinks a bit* "Hmmm, OK. But don't let it happen again"

        If someone who doesn't understand the internet is told a lie by someone he trusts to know everything, then the lie becomes fact, doesn't it?

        1. Ian Cumbers
          Pirate

          Re: Yeah

          >> If someone who doesn't understand the internet is told a lie by someone he trusts to know everything, then the lie becomes fact, doesn't it?

          How does the saying go - Fool me once, shame on you; fool me twice, shame on me.

          Imagine - I buy a restaurant and Jamie O is the chef. 5 customers are poisoned by bad food and he said "These things just happen, not my fault, but don't worry I'll make sure it never happens again. How about I don't charge you for next Sundays work". I might accept that, but the second or third time in as many months and I'd no longer accept the story, regardless of how little I know about catering. At the very least, I'd find out whether all owners just have to put up with customers going face-down in the dessert bowls.

          I'm unsure as to why common sense, that people apply to all other walks of life seems to go out of the window when dealing with IT.

  3. Nick L

    Liability...

    How long before we see claims for damages due to this sort of thing? (Or has it already happened)

  4. Anonymous Coward
    Anonymous Coward

    Hang on a moment

    This affects the whole WordPress set-up and not just the Likely Lad cook?

    How can I avoid hitting a WordPress site by mistake? Should I just stick (he he he) to porn sites?

    1. Jimmy2Cows Silver badge
      Coffee/keyboard

      +1

      Damn you!! That's the third keyboard this week.

    2. Stuart 22 Silver badge

      Re: Hang on a moment

      "This affects the whole WordPress set-up and not just the Likely Lad cook?"

      And not just Wordpress. It's likely this was backdoored via a third party theme or plugin. A number of vendors replicate them across the popular CMSs. its just that WP being the biggest is the most attractive target.

      Frankly even good SysAdmins get caught. An issue is that we can't really share our defensive measures without giving them away to the enemy. So we roll our own and who can guarantee to do that perfectly?

      What's unforgivable is not to have a recovery plan when (not if) it happens. The 5 week DEFRA downtime is really bad service. And I bet they paid a lot more to the contractors then did Mr Oliver who, from the report, got it sorted quickly.

    3. Captain Scarlet Silver badge
      Flame

      Re: Hang on a moment

      Impossible for me, every bleeding marketing agency used here seems to live and breathe WordPress, every new site brings new demands for "oh this file/folder should have 777 security" (They don't like the Wordpress wiki page where it states 777 should not be used) and when I ask was the last time they applied patches I get responses of mostly its not up to them or its up to the server its hosted on to ensure to prevent execution of bugs (They don't like me pointing out the fact they asked for files and folders to be set to 777).

  5. This post has been deleted by its author

  6. Tromos
    Coat

    The site sounds like a...

    ...recipe for disaster.

  7. Vector
    Coat

    "Chef cooks up evil code for the third time this year"

    He didn't really cook it up, more like he reheated it.

  8. CKOne
    FAIL

    It would affect Wordpress, if his site was built on Wordpress.

    His site is on Concrete5

    1. Pomgolian
      WTF?

      Concrete5

      @CKOne - I suggest you look again, preferably with your glasses on, a bright light and possibly a brain of some sort. It's Wordpress, no doubt about it. The page source is full of links to wp-content and there is no trace of any of the hallmarks of Concrete5, no JS variables in the page, no CONCRETE5 session cookie...

      Concrete5 is one of the most secure CMS systems there is - got do a search on cve.mitre.org and you'll find barely a handful of issues for C5, versus several hundred for Wordpress, Drupal etc.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like

Biting the hand that feeds IT © 1998–2022