For the third time in a year there are again infected ads on the most popular porn xHamster published that attempted to infect visitors with malware. XHamster receives nearly half a billion monthly visitors and is on the 71st place of most visited websites on the internet.
The infected ads first carried out various checks. Thus, it ensures that the visitor Internet Explorer and certain security tools such as Wireshark and Fiddler active, said anti-malware company Malwarebytes. In case it IE users without said security tools went unnoticed was a page loaded with the Nuclear-exploitkit. This exploitkit uses known vulnerabilities include Adobe Flash Player and Internet Explorer users have not patched.
In the case the attack was successful was ransomware and other malware installed. After being informed removed the ad network TrafficHaus infected ads. A few days later appeared again malicious ads on xHamster. This time the browser was based Brow lock ransomware spread. This ransomware is not on the computer, but locks the browser via a special JavaScript and states that the user must pay to get access again.
Again TrafficHaus was informed. Malwarebytes but does not know if the second round with malicious ads has been removed. In January and April also appeared already contaminated ads on xHamster.
No comments:
Post a Comment