Malwarebytes researchers recently discovered that toy company Hasbro's official Web site was pushing malware to visitors on January 10, 11, 14 and 20, 2014.
"As with the Cracked.com compromise a week prior, the incident was the result of direct site compromise, and affected users were unlikely to have recognized that their computers were infected," Malwarebytes researcher Paul Royal wrote in a blog post detailing the compromise.
Following a series of redirects, a malicious payload was installed on Hasbro.com visitors' computers -- according to VirusTotal, anti-virus solutions from Kaspersky, Microsoft and Trend Micro currently fail to detect the payload as malicious.
"Given the frequency with which Hasbro’s website has recently served drive-by downloads, Barracuda Labs recommends that users refrain from visiting the site until its operators have confirmed it is again safe," Royal wrote.
Photo courtesy of Shutterstock.