The website of celebrity chef Jamie Oliver has once again been compromised and is serving malware to visitors or a nearly identical issue identified by Malwarebytes in February has not been completely resolved, Jerome Segura, senior security researcher at Malwarebytes, wrote in a Friday post.
“This is basically the same structure as we observed in the previous hack, which leads us to believe this is the same infection that was not completely removed or perhaps that a vulnerability with the server software or Content Management System (CMS) still exists,” Segura wrote.
Segura said that visitors are still being redirected to the Fiesta Exploit Kit, which serves up malware identified as Trojan.Dorkbot.ED to those using vulnerable systems. Segura noted that the malware was digitally signed, but the certificate is no longer valid.