‘Fiesta Exploit Kit’ threatens users through celebrity chef site

According to the official blog of anti-malware service Malwarebytes, Jamie Oliver, the well-known British chef, has unknowingly been exposing visitors to his website to malware that could take advantage of holes in web security. It's a serious situation since BBC news reports that the site sees 10 million visits every month. 

The specific malware used, the Fiesta Exploit Kit, sought to corrupt the code being used on the page. This was part of a targeted attack that included exploiting Silverlight and Flash plugins. Though Malwarebytes says it was able to counter these efforts, the source said the original infection "all started with a compromised JavaScript."

The malware could have affected users by hijacking websites and directing them to fake software updates. Attackers can target a legitimate site and subtly insert malicious code into it without being detected.

Since its discovery, BBC news reports that these security risks have been fixed, and the site's management team is taking pains to encourage users to consider the site safe once again. An article from that source includes quotes from an Oliver spokesman, who said that the situation had been dealt with.

"The Jamie Oliver website is regularly checked for vulnerabilities by both our in-house team and an independent third party, and they quickly deal with anything that is found," this unidentified person said. "The team is confident that no data has been compromised in this incident, but if anyone is worried do please use the contact form on the site."

Even when they are fixed within a short period of time, public website vulnerabilities can pose large problems to enterprise security without anyone being aware. One way of protecting important processes is to choose a web based terminal emulator that runs with the highest security configurations available on the latest Microsoft web servers.