Paris Hilton's website has been hacked and is serving visitors a malicious Trojan program designed to steal sensitive information from their computers.
The hack was discovered by security vendor ScanSafe, which said that the celebrity site had apparently been compromised since Friday. Visitors to the site are presented with a pop-up window urging them to download software in order to enhance their viewing of the site. Whether they click "yes" or "no" on this window, the site then tries to download a malicious program, known as Trojan-Spy.Zbot.YETH, from another website.
"The popup points to a directory on that website; that's where the malware is being loaded from," said Mary Landesman, a security researcher with ScanSafe. Once installed, the Trojan steals online information and tries to install more malicious software on the victim's computer.
Landesman believes thousands of other websites may also be serving up this variant of the attack her firm uncovered. However, Paris Hilton's official website, is the best-known target. "The big thing with Paris Hilton is the number of visitors that she gets," Landesman said. "It's always doubly concerning when we see a high-profile website get compromised."
To make things worse, most antivirus products are not identifying the Trojan program being served by the website. On Monday afternoon, only 12 of the 37 vendors tested by VirusTotal identified the Trojan.