TWiT.TV Hacked, Contains Malicious Code Linking To Java Trojan
TWiT.TV Hacked, Contains Malicious Code Linking To Java Trojan
Posted 09/15/2011 at 11:33am
| by Brad Chacos
8
Comments
Print
The Maximum PC Podcasts keep BS to a minimum while simultaneously supplying maxed-out levels of hijinks and information, but for you media-addicted types out there, one podcast a week might not fulfill your quota for listening pleasure. We understand if you turn to the excellent lineup of broadcasts put together by Leo Laporte and the awesome TWiT.tv team to catch up on your tech news, too, but you might want to pass on your regular visit to the TWiT.tv site this week; hackers have managed to slip some malicious code onto the site.
Graham Cluley at Sophos reports that the nefarious snippet is hidden in an iFrame at the top of the TWiT.tv website. The iFrame points to a sit that tries to execute a file named worms.jar that the Sophos software identifies as a Java Trojan. “The Java Trojan is normally associated with fake anti-virus attacks, and may also trigger a PDF-based vulnerability attack detected by Sophos as Troj/PDFJs-ST,” Cluely writes.
Fortunately for users, Google’s onto the problem and is already warning that the site could harm your computer when it appears in search results, or if you try to surf to Twit.tv on Chrome. We’ve got no doubt that Leo and the stalwart TWiT.tv crew will have things fixed in a jiffy, but we just thought a PSA was in order. Just to be on the safe side, we didn't include any active links to the site.
More like this
8
Comments
Comments are closed on this article
VraiChevalier
September 15, 2011 at 3:25pm
Steve Gibson of GRC.com and the Security Now podcast has been warning Leo for a long time that running scripts on his site was a security vulnerability but Leo keeps insisting he has to have it. This is the second time in as many months that twit.tv has been hacked.
Oopsie...
DasHellMutt
September 15, 2011 at 2:21pm
I listen to several TWiT podcasts but I don't use their site. Hope they get it fixed soon and get that warning taken off. It will certainly scare the pants off those that listen to The Tech Guy. More Max PC podcasts would be nice.
CyCo_SoMaTiC
September 16, 2011 at 2:23pm
Agreed. Seems like they get further and further apart. If you're not going to deliver them on a consistent basis, at least say so on your website. I like to listen to them on long drives.
Connect with MaximumPC
Featured Content
The gang discusses the GTX 690, Trinity, Ivy Bridge, Amazon, big-box stores, MMOs,...
This month's issue
Feature
Build a PC On Any Budget
Feature
Cloud Services Showdown
How-To
Encrypt Your External Drive
Build It
Upgrade an X58 Rig
Most Commented Articles
Latest Max PC Tweets
- maximumpc: Original RickRoll Video Returns to YouTube After 24-Hour Copyright Hiatus http://t.co/MaH9Sxyy2 days 4 hours ago
- maximumpc: Corsair has decided not to go forward with its $78 million IPO, citing weak equity market conditions http://t.co/A5a4DAzj2 days 4 hours ago
- maximumpc: Want to work at Maximum PC? Our Online Managing Editor, Alex, is moving away, so we need a new one. http://t.co/9Z7JCh0E4 days 2 hours ago
