The official website of well-known toy maker Hasbro has been compromised and found serving malware to unsuspecting visitors on a number of occasions during the last few weeks.
According to Barracuda Labs researchers, the site was not compromised via malicious ads as it’s often the case, but directly, and it would lead visitors via a chain of redirects to a website hosting Java exploits.
If a visitor’s computer turned out to be vulnerable to them, the download of an information-stealing Trojan variant that was initially not detected by any of the AV solutions used by VirusTotal.
Users who visited the site on January 10, 11, 14 and 20 are likely to have had their computers infected, so they are urged to scan their machine with one of the AV solutions that detect the malware in question.
But to be on the safe side, everyone who visited the site lately would do well to do so, too. Avoiding the website for the time being might also not be a bad idea, as we wait for its operators to clean house.