Hasbro website keeps spreading malware says security firm


Hasbro malwareIf you’re in the market for toys and games for your kids, you might want to avoid the Hasbro website.

That’s the warning that’s been issued by security researchers at Barracuda Labs who claim that the toy retailer’s website has been infected with malware *four* times this year already.

In a blog post, Barracuda analyst Paul Royal has shared details of how the Hasbro website has been pushing malware onto visiting computers.

Hasbro website

Via a sequence of obfuscated JavaScript and redirects, visitors to the Hasbro website have been taken to malicious webpages hosting drive-by code which exploits vulnerabilities in Java to silently infect customers’ computers.

According to Barracuda, the latest infection on Hasbro’s website was seen by them on Monday January 20th, but they also found infections on January 14th, 11th, and 10th.

And, in Barracuda’s opinion, that means its not safe to visit the site until the company has confirmed that it has resolved the issue:

Given the frequency with which Hasbro’s website has recently served drive-by downloads, Barracuda Labs recommends that users refrain from visiting the site until its operators have confirmed it is again safe.

Clearly there has been a serious problem with the security of the Hasbro website. One has to hope that they have finally got a handle on the problem, and shut down any security holes that have so far made it too easy for hackers to plant their malicious code.

And, don’t forget, this is yet another reminder that unless you *really* need it, you should probably disable Java in your web browser. If you don’t use Java, you can’t be caught out by a Java exploit.

Tags: , , , , ,

Share this article:

   Join thousands of others and sign up to our free "GCHQ" newsletter.

Smashing Security podcast
Check out "Smashing Security", the award-winning weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"It's brilliant!" • "Three people having fun in an industry often focused on bad news" • Winner of the Best Security Podcast 2018

Latest episodes:
Listen on Apple Podcasts Listen on Google Podcasts

, , , , ,

No comments yet.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.