The website of celebrity chef Jamie Oliver, which has an average of 10 million visitors per month, has been hacked. The hackers inserted a string of code that redirects visitors to a WordPress site that uses a Flash, Java, or Silverlight exploit to force malware to run on the visitors’ computers.
The hack was discovered by computer security firm Malwarebytes. Jerome Segura, Senior Security Researcher at Malwarebytes, said, “The malicious redirection led to the Fiesta Exploit Kit which had recently integrated a critical zero-day (now patched) in Flash Player. However, as many people do not apply updates on a regular basis, this vulnerability is ripe for mass exploitation.”
Though Malwarebytes has contacted the admins of jamieoliver.com, Jamie Oliver’s press team is yet to issue a response on the matter.
Though anyone with the latest versions of Flash, Java, or Silverlight should be safe, it is advised that users avoid jamieoliver.com until the site has been cleaned.