Just For Men Website Caught Distributing Malware
The site, apparently targeted by hackers, has since been patched
Just For Men, the popular male hair and beard coloring product, has been caught serving up something more nefarious than just the illusion of youth and vitality.
Its website, justformen.com, has been inadvertently delivering malware to visitors, according to analysis by cybersecurity researchers MalwareBytes.
The site now appears patched. But for an unknown period of time, Windows visitors who used Internet Explorer to visit justformen.com would, unbeknownst to them, become the victims of malicious code, popular among online criminals, called the RIG exploit kit.
That code uses Adobe Flash Player to redirect your browser to download a program that logs users’ keystrokes, presumably to send them back to a criminal who could make use of people’s personal information like bank login information. Anyone who doesn’t have Flash enabled — and many experts recommend you disable it, precisely because it’s such a common tool for hackers that Flash benefits just aren’t worth the risk — wouldn’t have been susceptible.
It’s possible hackers were able to compromise Just For Men’s site because it hadn’t updated its WordPress plugins, Lead Malware Intelligence Analyst at Malwarebytes Jerome Segura, told Vocativ. He said he emailed Just For Men’s parent company, Combe, about the malware on Friday morning. A few hours later, the malicious code was erased from the company’s site and the plugin updated, but Combe didn’t respond to Segura. Vocativ’s phone calls to the company rang unanswered.
“We see a lot of compromised websites every day, but when we see a big brand name we look more closely,” Segura said.
“If I go to somebody’s blog and they don’t take security seriously and their blog is unpatched, it’s just some unknown user. But when it’s a brand name you expect them to have it in check, and up to date and secure,” he added.