The website of controversial TV nutritionist Gillian McKeith has been compromised by hackers, who are using it as a staging post in their spam activities.
Gillian McKeith, who stopped calling herself “Doctor” after complaints that viewers of her colonic-loving TV shows might mistakenly believe she was medically qualified, is perhaps a surprising promoter of spam.
And yet, our spam traps have intercepted hundreds of spam messages pointing to the controversial eating guru’s website.
Here’s an example of just one of the spam emails that we have seen:
A look through our spam traps finds that spam has been sent linking to Gillian McKeith’s website since 16 July. We imagine that is when the self-hosted WordPress part of her website was compromised by the hackers.
My guess is that McKeith’s team has not been keeping their WordPress installation up to date to protect against vulnerabilities, has chosen easy-to-crack passwords, or is using a vulnerable plugin that the spammers were able to exploit.
Regardless of how the hack occurred, users who click on the spammed-out links to Gillian McKeith’s site end up instead on a Russian-hosted website promoting herbal Viagra.
Sophos has spoken to the webmasters of http://www.gillianmckeith.info and informed them of the security problem.
Gillian McKeith image credit: Wikipedia