Banking malware has been planted on the official Web site of Paul McCartney by cybercrooks looking to take advantage of a spike in visitors following the former Beatles' reunion gig with Ringo Starr.
McCartney and Starr got together for the first time in seven years at the David Lynch fundraiser concert in New York on Saturday.
At around the same time hackers uploaded the LuckySploit crimeware toolkit onto the site, hiding it behind an invisible iFrame, says security outfit ScanSafe.
Scansafe says this is the latest in a string of sites compromised using Luckysploit. The firm believes they are related to an outbreak of bank-related data theft trojans during the first quarter.
These outbreaks track back to the Zeus botnet which was implicated in a $6 million commercial account heist on 20 European banks in the summer of 2008.
ScanSafe found LuckySploit on PaulMccartney.com on Saturday and the site has since been cleansed of infection.