Celebrity chef Jamie Oliver dishes up malware infection on official site

The official website of celebrity chef Jamie Oliver has been linked to a high-profile malware infection.

Security research blog Malwarebytes discovered that the site has been compromised by a malicious JavaScript injection, which could cause a major headache for its many visitors.

Read more: Kaspersky Lab uncovers malware that stole close to £200 million from banks

Jamie Oliver’s website is ranked as the 519th most popular in the UK, and achieves approximately 10 million visitors every month, making it a sizable coup for the hackers involved. Unlike most cases of web-based malware, this particular plot does not involve malicious ads, but instead embeds the harmful code into the site itself.

Unless the visitor’s PC is sufficiently protected with anti-virus software, the JavaScript code will redirect them to an exploit landing page where Flash, Silverlight and Java exploits are launched. Users are subsequently infected with a malware package identified as Trojan.Dorkbot.ED.

The virus carries out unwanted redirects to search engine requests and installs fake software updates, which can cause serious damage to the user’s PC.

Malwarebytes was unable to determine how the malicious code found its way onto the site, but did speculate that stolen security credentials or a vulnerable plugin could have enabled the breach to occur.

Security researcher Jérôme Segura added that the website’s designers would now have to carry out a thorough security check to ensure the infection is not present anywhere else.

Read more: Mobile malware on the rise, but no worries for Apple users

“The webmasters will need to look for additional evidence of infection, rather than simply restore or delete the offending script,” he wrote.