Well, here’s news that will surprise absolutely no-one.
Chirpy cockney chef Jamie Oliver has been found spreading malware yet again after his website suffered yet another compromise.
According to researchers at MalwareBytes, the popular site was serving up a password-stealing payload alongside its pasta pesto.
On each occasion, it is innocent internet users who are put at risk – and may find that their passwords have been stolen simply because they visited Jamie Oliver’s website for a tasty recipe.
Which can hardly be good for Jamie Oliver’s multi-million dollar brand.
According to MalwareBytes, the threat is the same as the previous incidents. Browsing any page on Jamie Oliver’s website can lead to the Fiesta exploit kit being executed from a third-party website via a single line of code.
MalwareBytes says it has told Jamie Oliver’s team about the problem – one would imagine that they’re on first name terms by now – but what disturbs me is that there is no warning of the risk on the website or mention of the problem on Jamie Oliver’s Twitter account.
I mean, if you want to be sure that Jamie Oliver fans know that their Windows computers might have been infected, you don’t just hope that they read a security vendor’s blog or happen upon a BBC News report, do you?
If you go to Jamie Oliver’s website (careful folks… who knows when it will next be infected?) then you’ll discover that it apparently found no space to mention the malware attack.
And the same is true on Jamie’s Twitter account, a perfect platform for informing over four million fans of the risk.
My conclusion has to be that he simply doesn’t care.
And if he doesn’t care, why do you imagine that efforts will be made to prevent it from happening again?
Further reading for Jamie Oliver’s IT team: Why does my site keep getting hacked/reinfected?
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.