The eagle-eyed harmony guy spotted about an hour ago that some malicious code had been added to the WordPress installation over at TechCrunch Europe.
The code redirects to a host which is serving up malicious PDF files. The PDFs are designed to exploit a vulnerability which leads to the download of that Poison Ivy of the criminal underworld, ZeuS.
The malicious server is hosted by Netdirect over in Frankfurt, Germany, a provider with a relatively colourful history of their own.
The file itself has very low detection rates at present and only serves to underline the need for a security solution that considers the threat as a whole instead of focusing on one aspect of it.
If you’re using our stuff, you’re safe: the redirection to the bad host never happens and you never see the malicious file.
The folks at TechCrunch have been made aware and we hope they clean up their WordPress installation soon.