Paul McCartney and Ringo Starr got together for a rare live performance, and according to reports it would seem the bad guys thought that a spot of media friendly Beatle-mania presented the ideal time to target McCartney's website.
Security specialists ScanSafe told me that its 24/7 Web security scanners first detected and began blocking the attack on Saturday 5th April at precisely 12:36pm GMT. The attack using that most advanced and sophisticated of crimeware toolkits, known as LuckySploit. This was hidden behind an invisible iframe on the site which obfuscated malicious JavaScript code using key encryption amongst other things. This code then launches exploits which download executable programs such as a rootkit onto the victims PC.
"Once your computer is infected with a rootkit, none of your personal information is safe" Spencer Parker, director of product management at ScanSafe says, adding "This site will have been an extremely attractive target for cyber criminals given the level of attention it will be receiving at the moment. Users should be aware that the majority of malware distribution is now occurring through mass compromise of legitimate and reputable websites."
Thankfully, I understand that the people behind the McCartney website reacted extremely quickly to fix the problem. Still, I bet that was a hard day's night...