Posted by: Lauren--NY | March 10, 2010

SECURITY ALERT: PerezHilton.com

UPDATE 10/18/10: The site is apparently still having problems. Though it has been updated to a green check mark, as of this writing McAfee has been preventing me from accessing the site for weeks. See my update on the issue here. I do not advise my readers to access Perez Hilton’s website at this time.

UPDATE 3/17/10: The site is now listed as green and contains this message from one of Hilton’s staff (“remecz”): “To all Perez fans who arrive at this page. We apologize for the inconvenience if your Internet security software blocked Perezhilton.com and now advises you to stop visiting the site. We believe that the current red listing is inaccurate and that the site is safe to visit. We’re doing everything possible to keep malware away and to resolve this with McAfee. You can help us speed up the process by adding your comments down below.

Please feel free to contact us with any related questions at tech AT perezhilton.com.”

BREAKING: McAfee Site Advisor now states that celebrity gossip blogger Perez Hilton’s website, PerezHilton.com, violates browser security and made unauthorized changes to their test PC.

The website has a skull and crossbones highlighted in red in the category “Browser Exploit,” and explains that exploits are “rare but extremely dangerous security threats caused by a website ‘exploiting’ a security vulnerability in the browser. We perform tests to detect the presence of exploits on a site. An exploit is any content that forces a web browser to perform operations that the user does not explicitly intend.”

According to Wikipedia, a browser exploit is “a piece of code that exploits a software bug in a web browser such that the code makes the browser do something unexpected, including crash, read or write local files, propagate a virus or install spyware. Malicious code may exploit HTML, JavaScript, Images, ActiveX, Java and other Web technologies. HTML alone is harmless (can only crash browser in some cases on vulnerable web browsers), however, in conjunction with malicious ActiveX or Java code, it can potentially freeze or crash a browser, or even crash the computer running that browser.”

The term “browser exploit” can also refer to the actual bug in the browser code.

The user reviews section of the McAfee Site Advisor page for PerezHilton.com (that site will not be linked here for readers’ safety) seems to be filled with confused people reviewing the content of the site rather than its safety and security, i.e. “Hilarious! Always a good celebrity gossip tidbit found…” but one reviewer, Beckski, commented not only on the strange bent of the other comments, but on the actual problem:

“This site has allowed spyware on to my computer twice in the past. I find a lot of the reviews above very suspicious – funny how they are reviewing the site’s content, and not its safety, which is the whole point of this site. If you read the comments on Perez’s site, quite often they will say ‘Hey Perez, your site has effed up my computer.’ He clearly doesn’t give a stuff about ensuring site safety for his readers.”

Considering that this is the week following the Oscars and the glittering, gossip-filled after parties such as the Vanity Fair party, Madonna’s and Demi Moore’s famous after party, and Elton John’s charity bash for his AIDS foundation, this is actually pretty sobering if only because of its bad timing–the number of people looking for Oscar weekend-related gossip and getting smacked with malware could be fairly high.

Browse with caution. For those who want a safe alternative for their celebrity gossip fix, I suggest Dan Abrams’ and Michael Lewittes’s Gossip Cop. They have a significant track record for catching Perez Hilton in inaccuracies, so much so that Perez actually blocked Gossip Cop on Twitter. They also get a green check mark from McAfee Site Advisor.

To remove malware from your PC, try Malwarebytes’ Anti-Malware, as recommended by CNET.com.

Creative Commons License
The Grotto Blog by Lauren E. Moccio is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 United States License.
Permissions beyond the scope of this license may be available at http://www.lauriebethsgrotto.com.

Advertisements

Responses

  1. […] website (not linked here for readers’ safety) due to the sudden increased number of hits to this post, where back in March on Oscar weekend I alerted readers to the fact that this website was marked as […]

  2. […] website (not linked here for readers’ safety) due to the sudden increased number of hits to this post, where back in March on Oscar weekend I alerted readers to the fact that this website was marked as […]

  3. I would appreciate more visual materials, to make your blog more attractive, but your writing style really compensates it. But there is always place for improvement

  4. This is another reason to run your web browser in a sandbox program like Sandboxie and practice good security skills when using the internet by disabling Javascript and activeX when possible with Noscript or in web browser settings. Plus, running an updated firewall, antivirus, and antispyware/malware program!

    Thanks for the information.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Categories

%d bloggers like this: