JQuery.com the popular JavaScript library hosting webite compromisedFlaw in the website not known!
One of the reasons for its popularity is that, jQuery is free, open source software, licensed under the MIT License. And the same popularity also makes compromised JQuery.com website, much more dangerous as per RisqIQ blog. James Pleger of RisqIQ says that due to the vast popularity and wider usage of the library across the globe, this breach is more harmful then normal breaches. RisqIQ detected the attack on 18th September 2014 and given that the malicious redirector was hosted on a domain that was registered on the same day, it’s more than likely that that was the day when the attack actually started. RiskIQ says that it notified the jQuery Foundation immediately after it noticed the compromise along with the malicious redirect configuration. JQuery.com administrators immediately responded to the message and removed the malicious script. However it is not known how many users were infected by the redirected malware before JQuery removed it.
Flaw in the website not known!
Worst news is that neither RisqIQ nor JQuery administration know about how hackers managed to breach the website and till the time the flaw / vulnerability exists on the website, it may allow the hackers to return again anytime. JQuery has requested all the users who may have visited the site on or around September 18 to check whether they have been compromised by the malware. RisqIQ has recommended those users who may have been infected, to immediately re-imaging of the system, resetting passwords for user accounts that have been used on it, and checking whether suspicious activity has originated from it (data exfiltration, etc.). Jquery.com stated that none of the data or the JavaScript libraries present on the website have been affected by the breach.
