TWiT.TV Hacked, Contains Malicious Code Linking To Java Trojan

Brad Chacos

The Maximum PC Podcasts keep BS to a minimum while simultaneously supplying maxed-out levels of hijinks and information, but for you media-addicted types out there, one podcast a week might not fulfill your quota for listening pleasure. We understand if you turn to the excellent lineup of broadcasts put together by Leo Laporte and the awesome TWiT.tv team to catch up on your tech news, too, but you might want to pass on your regular visit to the TWiT.tv site this week; hackers have managed to slip some malicious code onto the site.

Graham Cluley at Sophos reports that the nefarious snippet is hidden in an iFrame at the top of the TWiT.tv website.  The iFrame points to a sit that tries to execute a file named worms.jar that the Sophos software identifies as a Java Trojan. “The Java Trojan is normally associated with fake anti-virus attacks, and may also trigger a PDF-based vulnerability attack detected by Sophos as Troj/PDFJs-ST,” Cluely writes.

Fortunately for users, Google’s onto the problem and is already warning that the site could harm your computer when it appears in search results, or if you try to surf to Twit.tv on Chrome. We’ve got no doubt that Leo and the stalwart TWiT.tv crew will have things fixed in a jiffy, but we just thought a PSA was in order. Just to be on the safe side, we didn't include any active links to the site.

Around the web

by CPMStar (Sponsored) Free to play

Comments