Well, here’s news that will surprise absolutely no-one.
Chirpy cockney chef Jamie Oliver has been found spreading malware yet again after his website suffered yet another compromise.
According to researchers at MalwareBytes, the popular site was serving up a password-stealing payload alongside its pasta pesto.
That would be bad news in itself, but the fact is that Jamie Oliver’s website was also found to have been compromised with malware in March and between December last year and February.
In short, the team responsible for Jamie Oliver’s website have found themselves victims again and again. Which does, somewhat, make you question how likely it is that they’re going to properly prevent yet another reoccurrence.
On each occasion, it is innocent internet users who are put at risk – and may find that their passwords have been stolen simply because they visited Jamie Oliver’s website for a tasty recipe.
Which can hardly be good for Jamie Oliver’s multi-million dollar brand.
According to MalwareBytes, the threat is the same as the previous incidents. Browsing any page on Jamie Oliver’s website can lead to the Fiesta exploit kit being executed from a third-party website via a single line of code.
MalwareBytes says it has told Jamie Oliver’s team about the problem – one would imagine that they’re on first name terms by now – but what disturbs me is that there is no warning of the risk on the website or mention of the problem on Jamie Oliver’s Twitter account.
I mean, if you want to be sure that Jamie Oliver fans know that their Windows computers might have been infected, you don’t just hope that they read a security vendor’s blog or happen upon a BBC News report, do you?
If you go to Jamie Oliver’s website (careful folks… who knows when it will next be infected?) then you’ll discover that it apparently found no space to mention the malware attack.
And the same is true on Jamie’s Twitter account, a perfect platform for informing over four million fans of the risk.
My conclusion has to be that he simply doesn’t care.
And if he doesn’t care, why do you imagine that efforts will be made to prevent it from happening again?
Further reading for Jamie Oliver’s IT team: Why does my site keep getting hacked/reinfected?
He's really not a cockney. 'Chirpy' I'll give you…
Maybe mockney would have been more accurate. Lovely jubbly
"In short, the team responsible for Jamie Oliver's website have found themselves victims again and again."
I disagree – the victims are those unsuspecting visitors to their website. Oliver's IT department, however, is irresponsible and negligent. Yes, it can happen. But the fact they're not notifying anyone, the fact they're going through this repeatedly means it is more than just a mistake – it is negligence.
"My conclusion has to be that he simply doesn't care."
Indeed. He doesn't. That is quite clear. Shameful too, because of the implications of malware..
"And if he doesn't care, why do you imagine that efforts will be made to prevent it from happening again?"
A better question is WHEN will it happen again. It is interesting to note that two very different extremes lead to the same issue:
1. Person does something foolish and then uses the unimaginative, always old remark about it not being them but someone broke in to their account (i.e. not accepting that they could have done things better [and in most – I'm inclined to say all – cases this includes not accepting their poor decisions to do/say whatever it is that was done]). It is a default excuse that takes all the blame and puts it elsewhere (and yet those who do have an account compromised are more likely to accept it and learn from it, with the exception of 2, below, and perhaps similar attitude). I.e. they're irresponsible.
2. Outright ignoring risks. I.e. they're irresponsible.
Yet both are the same thing if you think a bit more: they don't seem all that concerned with their actions (or lack thereof); they only (sometimes) care about their reputation. 2 seems more serious to me because 1 is a poor decision, something they realise they shouldn't have done (but are too afraid to admit it to it or face the consequences publicly), but ignoring things such as Jamie Oliver does is not even accepting it in the first place.