Global Chinese restaurant chain serves old recipe of Darkleech with exploit kit sauce
Popular Chinese food chain “Mr Chow’s” has been caught plating up ransomware from its website.
The fine dining restaurant chain boasts sites in London and across the US and was hacked by attackers injecting the pseudo Darkleech malicious scripts to redirect users.
Victims were served a malware money bag through the Neutrino exploit kit, the new top dog in ready-to-eat p0wn packs since the demise of rival Angler.
The attack follows an old recipe; a script and invisible iframe redirects users to temporary or hacked domains where exploits kits seek out un-patched and occasionally zero day vulnerabilities through which a nastyware payload can be delivered.
Patrons will be served a rude bill of US$695 (1.2 bitcoins) at the end of their restaurant experience making take-away the likely alternative.
Restaurant chains are a popular ransomware target: Jamie Oliver’s site wore some wicked exploit kit malarkey in 2015.
Popular sites are a rich content target for hackers thanks to their focus on showmanship over security. Malvertisers find traction by serving malicious ads that redirect users to exploit kit landing pages, while others opt to find one of the often many SQL injections and other web app Top Ten perennial flaws to spread their trojans and ransomware. ®