2013-02-21: NBC dot com and related properties spreading malware
Level Three Attack
Reports are coming in from Twitter that the NBC.com website infrastructure has been hijacked to spread malware from various properties such as NBC.com and JayLenosGarage.com. Typically this would only be classified as a level-two attack, but presumably the NBC site receives a lot of traffic, so the ramifications are more widespread than normal.
Updated
The incident appears to be resolved now; awaiting further details on what exactly led to it.
- The Verge: Hackers exploit NBC.com to spread malware
- ZDNet: NBC.com hacked, briefly compromised with RedKit malware
Related Tweets
Really, don't go to NBC dot COM right now, redkit infection originating from there. @avast_antivirus does scream. ;)
— Jindrich Kubec (@Jindroush) February 21, 2013
ok so nbc dot com is infected w/ iframes that redir to kits serving Citadel? any known where on the site the code lives?
— briankrebs (@briankrebs) February 21, 2013
@briankrebs directly on / in an iframe, also in assets/core/js/s_wrapper.js in a document.write.
— Sébastien Duquette (@ekse0x) February 21, 2013
Avoid NBC, that's the network that Jay Leno's on.
— Wesley McGrew (@McGrewSecurity) February 21, 2013
Don't click the links in this tweet until the attack is resolved.
I tried removing them, but Twitter's tweet embedding code is ignoring my request. :/
@briankrebs plus jaylenosgarage.com is on the same server as nbc.com and is also being used for malicious scripts.
— Sébastien Duquette (@ekse0x) February 21, 2013