Hacked, Serves Malware

Barracuda Labs researchers recently found that the humor Web site, which currently boasts more than 300 million monthly page views, was hosting malicious JavaScript that served malware to site visitors (h/t SC Magazine).

Once the malware has been downloaded and installed, the researchers report, there’s little indication to the user that the system has been compromised, aside from the fact that a Java plug-in launches and the system becomes low on memory. VirusTotal is currently reporting that the malware is recognized by 25 out of 47 leading anti-virus solutions.

According to SC Magazine, users running vulnerable versions of Java and Adobe Flash and PDF software are most likely to be impacted.

Earlier today, site admin David Wong stated on the site’s forums that the problem had been fixed — though the folks at Barracuda Labs weren’t impressed, writing, “It seems as though the site being compromised and serving malware has been a reoccurring problem with Each with somewhat lax approach ‘Yeah we stopped getting complaints about it and Google took us off the malware warning list or whatever was triggering it. Is anybody else getting it again?’ on their forums. This combined with not alerting their site visitors that know what has happened and remediation steps that they can take to cleanup their systems tends to indicate that should be avoided if you’re concerned with malware.”

Jeff Goldman
Jeff Goldman
Jeff Goldman has been a technology journalist for more than 20 years and an eSecurity Planet contributor since 2009.

Top Products

Related articles