STE WILLIAMS

If your Hotpoint cooker or washer’s on the blink, don’t arrange a repair by visiting company’s site: Netcraft says the appliance vendor’s foisting nastyware onto visitors.

Netcraft says it’s found fake Java update dialogs on Hotpoint’s UK and Republic of Ireland sites. If you click “Install” you won’t be updating Java, you’ll be firing up an obfuscated JavaScript that Hotpoint did not place on its site. That script tries to hide the fact it refers to a third-party site that can send a custom payload your way.

That payload won’t do nice things to your endpoint and may expose you to attacks like drive-by malware or phishing.

Netcraft says the source of the problem is almost certainly Hotpoint’s WordPress installation, and notes that the content management system “is notorious for being compromised if both it and its plugins are not kept up to date.”

The site in question – hotpointservice.co.uk – is a fine target for crims because it’s suggested as the place to register new products. Netcraft worries that the attack’s done rather well because it landed in time before the Easter long weekend, meaning four sysadmin-free days of operation before IT staff came back to work and had the chance to fight back.

Hotpoint’s web site and social feeds are silent on the matter. The Register has asked Hotpoint if the attack was detected and defended and whether any customers or their data were compromised. When we hear back from the company we’ll update this story. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2017/04/19/hotpoint_hacked/