Jamie Oliver's website now confirmed malware-free

Malicious exploit problem has now been fixed

Security flaw

Jamie Oliver's website has been confirmed as malware-free by the security researchers who discovered it was serving up a malicious exploit kit to site visitors.

The website is popular among UK visitors, and regularly receives around 10 million visits per month from internet users in search of recipe ideas and news about the celebrity chef.

The security flaw was picked up by anti-virus company Malwarebytes, who claimed to have stumbled upon it during a "routine check" for new exploits and hacked sites.

 "Contrary to most web-borne exploits we see lately, this one was not the result of a malicious ad but rather a carefully and well-hidden malicious injection in the site itself," the company said in a blog post, authored by senior security researcher Jrme Segura.

This was used to re-direct site visitors to an exploit landing page, via a corrupted WordPress site, capable of launching three exploits.

The researchers said these could create problems for users with unpatched machines, as a malicious dropper could be downloaded and run with dire consequences for victims.

"One of the noticeable effects, post-infection, is search engine hijacks with unwanted redirections," the blog post continues.

"Users are [also] misled into installing fake software updates which end up wreaking havoc on the system."

Segura said the team immediately notified the site administrators of their find, and warned them simply deleting the offending script would not be enough to remedy the issue.

"The webmasters will need to look for additional evidence of infection, rather than simply restore or delete the offending script," it added.

The team behind the website has since issued a statement, confirming the "low-level malware problem" flagged by Malwarebytes has now been fixed, making the website safe-to-use.

"We have had only a handful of comments from users over the last couple of days, and no-one has reported any serious issues. We apologise to anyone who was at all worried after going on the site.

"The Jamie Oliver website is regularly checked for vulnerabilities by both our in-house team and an independent third-party and they quickly deal with anything that is found," the statement continued.

"The team is confident that no data has been compromised in this incident but if anyone is worried, do please use the contact form on the site."

Featured Resources

BCDR buyer's guide for MSPs

How to choose a business continuity and disaster recovery solution

Download now

The definitive guide to IT security

Protecting your MSP and your customers

Download now

Cost of a data breach report 2020

Find out what factors help mitigate breach costs

Download now

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
Dell patches vulnerability affecting hundreds of computer models worldwide
cyber security

Dell patches vulnerability affecting hundreds of computer models worldwide

5 May 2021
16 ways to speed up your laptop

16 ways to speed up your laptop

29 Apr 2021