Cracked.com Found Serving Malware
In perhaps a bit of irony, the humor website cracked.com was flagged by Google’s Safe Browsing Technology.
Cracked.com is a website derived from the original “Cracked” magazine back in the 1950′s. The website was formed in 2007 and has been making people laugh ever since. At least until it started infecting computers.
Cracked.com as it normally appears, after the malicious script was removed.
Barracuda Networks was the first to spot the drive-by-downloads and detailed them in a blog post here.
Barracuda Networks has commented that cracked.com has suffered several compromises, and was labeled as a “reoccurring problem”.
Thankfully Google flagged the website, likely saving thousands of visitors from a potential infection. Cracked.com currently appears safe, but site visitors may want to exercise caution if security does not improve.
Joshua Cannell is a Malware Intelligence Analyst at Malwarebytes where he performs research and in-depth analysis on current malware threats. He has over 5 years of experience working with US defense intelligence agencies where he analyzed malware and developed defense strategies through reverse engineering techniques. His articles on the Unpacked blog feature the latest news in malware as well as full-length technical analysis. Follow him on Twitter @joshcannell