Image courtesy of Shutterstock.com

In another tale of web surfer beware, visitors to the web site of British celebrity chef Jamie Oliver that came looking for a pancake recipe were also served an unexpected side dish: malware.

The popular web site receives over 330,000 visitors every day, making it a good vehicle for the Shrove Tuesday-inspired attack. Part of the Catholic observation of Lent, part of the tradition for many is eating pancakes. And many, no doubt, were looking for new and interesting pancake recipes.

According to security researchers at Websense Security Labs, a direct injection compromise on the Jamie Oliver web site allowed cybercriminals to serve up malware to unsuspecting pancake enthusiasts.

“The attackers have taken advantage of a well-known celebrity chef and interest in recipes for the Pancake Day holiday to drive victims to compromise. Malware authors need only host their code on popular sites for just a brief moment to capture a large number of victims,” said Carl Leonard, principal security analyst with Websense, in a statement. “This type of compromise, when good sites go bad, underscores the necessity for users to keep their computers patched and have proper security measures in place to protect from exploitation.”

Websense contacted Jamie Oliver’s management company; the compromise is no longer present and they’re investigating the incident.

In a blog, Websense researchers explain in more detail the nature of the exploit, and what businesses like Oliver’s can do to prevent such attacks in the future.

5504.Selection_055.png-550x0

But what about the web surfing recipe enthusiast? Clearly, going to Chapters to buy a cook book isn’t going to happen. The Internet can be a dangerous place though. To stay safe, web surfers should always ensure their operating system is up to date and patched, and that they’re running robust and updated anti-virus and anti-malware software.

And if you’re in doubt; don’t click. Just make instant pancakes.

Previous articleNSA behind ‘Equation group’ malware that infects hard drive firmware
Next articleSamsung acquisition takes aim at Apple Pay
Jeff Jedras
Jeff Jedras is a technology journalist with IT World Canada and a member of the IT Business team. He began his career in technology journalism in the late 1990s, covering the Ottawa technology sector for Silicon Valley North and the Ottawa Business Journal. He later covered the technology scene in Vancouver before joining IT World Canada in Toronto in 2005, covering enterprise IT for ComputerWorld Canada and the channel for Computer Dealer News. His writing has also appeared in the Vancouver Sun & the Ottawa Citizen.