On the popular porn xHamster again infected ads have appeared that attempt to infect visitors with malware. In late January it was even hit on the porn site, which according to Alexa is on the 68th place of most visited sites on the Internet and gets 514 million visitors monthly.
The ads direct visitors unnoticed to another page where the Angler Exploitkit runs. This page checks to see if the visitor uses the virus from Kaspersky Lab or Norton. If this is not the case, then it is decided to attack the user further. The Angler Exploitkit makes abuse of vulnerabilities in Internet Explorer, Java, Silverlight and Adobe Flash Player. Anti-virus firm Malwarebytes suggests that only an old vulnerability in Internet Explorer is used in the attack.
Is the attack successful, is the Bedep malware installed. The same malware that also the end of January on the website was spread via infected ads. Bedep making computers part of a botnet and can then install additional malware. Once active Bedep used infected computers to commit fraud advertisement. Additionally silently loads the Magnitude Exploitkit, which also makes abuse of vulnerabilities, provide users with additional malware can become infected.
No comments:
Post a Comment