14 DAY TRIAL // Last week, researchers from Barracuda Labs noticed that humor website Cracked.com was serving malware via a drive-by download. The website was hacked and malicious JavaScript code was planted on it.
Experts believe the hackers had access to the website since at least November 4. On Tuesday, the piece of malware served on Cracked.com was detected by only 7 antivirus engines. However, at the time of writing, 24 antiviruses identify the threat.
The exploit was designed to send what experts call a blend of malicious PDF, Java and HTML/JavaScript files to the victim’s browser. The only indicator of a compromised computer was the fact that the Java plugin was launched and a low memory alert popped up.
Barracuda’s initial attempts to contact Cracked.com failed. However, after a while, news of the infection spread on the humor site’s own forums and the issue was addressed.
Google Safe Browsing no longer flags the website as being suspicious.