May 20, 2020 Hacked To Serve Up Malware

(LiveHacking.Com) – was hacked yesterday to redirect users to a site that downloaded and executed malicious code on the visitor’s Windows computer without any user interaction. The site has since been cleaned up and is now working normally.

According to Armorize, who first reported the problem, the hack used a combination of JavaScript and iframes to send the user to, a domain specifically created to spread the malware. From there the hacker used the BlackHole Toolkit to infect the visitor’s Windows PC with malware without the visitor’s knowledge. The visitor doesn’t need to click or agree to anything; simply visiting with a vulnerable browsing platform resulted in an infection.

The BlackHole Toolkit attempts to exploit a large number of weaknesses on the visitor’s computer including the browser and the browser plugins like Adobe Flash, Adobe PDF,  Java etc. Any visitors with an out-of-date browser or any unknown (zero-day) exploits will allow the toolkit to infect the PC.

It is estimated that receives almost 12 million visitors a month (nearly 400,000 a day), meaning that there was large number of  potential victims whilst the site was infected. was also attacked in March, when hackers “TinKode” and “NeOh” took credit for exploiting a SQL injection flaw. As a result they posted a list of usernames and passwords online.