Gizmodo Brazil hacked, fake Adobe Flash download opens backdoor

Gizmodo, the popular technology blog owned by Gawker, has suffered an attack on its Brazilian site according to Trend Micro.

Hackers added a script to the main Gizmodo Brazil page which redirected users to another compromised website, which then loaded a fake Adobe Flash download page via a malicious URL.

fakeflash2

Image: Trend Micro

The file that users were invited to download was not an Adobe Flash update at all but a backdoor hosted on Google Drive, which was identified by Trend Micro as BKDR_GRAFTOR.GHR.

Gizmodo Brazil has now removed the compromised code, and Google has been notified so that it can delete the malicious file.

Gizmodo’s owner Gawker was itself the victim of a high-profile attack back in 2011 that saw its 1.3 commenter accounts and its entire website source code released by hacker group Gnosis.

It’s not yet known who is responsible for this attack, but we’ll give you more details when we get them.

In the meantime, as ever, we advise Internet users to exercise caution when clicking on unknown links. Hackers often use phishing to lure unsuspecting people into downloading malicious software. Don’t let human error be the weak link in your cyber security defences.

An effective cyber security posture, as outlined in the international Standard ISO/IEC 27001, embraces the three elements of people, process and technology.