Hasbro.com Hacked, Serves Malware

Malwarebytes researchers recently discovered that toy company Hasbro’s official Web site was pushing malware to visitors on January 10, 11, 14 and 20, 2014.

“As with the Cracked.com compromise a week prior, the incident was the result of direct site compromise, and affected users were unlikely to have recognized that their computers were infected,” Malwarebytes researcher Paul Royal wrote in a blog post detailing the compromise.

Following a series of redirects, a malicious payload was installed on Hasbro.com visitors’ computers — according to VirusTotal, anti-virus solutions from Kaspersky, Microsoft and Trend Micro currently fail to detect the payload as malicious.

“Given the frequency with which Hasbro’s website has recently served drive-by downloads, Barracuda Labs recommends that users refrain from visiting the site until its operators have confirmed it is again safe,” Royal wrote.

Jeff Goldman
Jeff Goldman has been a technology journalist for more than 20 years and an eSecurity Planet contributor since 2009.

Top Products

Top Cybersecurity Companies

Related articles