Fake AV served to Dailymotion visitors via malicious ads
Posted on 09.01.2014
The extremely popular video-sharing website Dailymotion (dailymotion.com) has been found serving malicious ads that trigger fake infection warnings and try to make visitors install a fake AV solution.

This malware delivery campaign has been spotted on Tuesday by researchers from security company Invincea, who analysed the attack and the malware in question, and have notified Dailymotion of the problem. Hopefully, the matter has been resolved by now.

The attack unfolded as follows: visitors to the site would be automatically redirected via Javascript to a website sporting the fake infection warning, which would then automatically serve the fake AV (guard-cerq.exe) for download.

If the victim fell for the trick and installed the malware, the system would get rebooted and, upon starting again, would show a fake "active scan" window and ultimately scary scan results.

Users who then opted to remove all the "found" malware were urged to pay $100 for the pleasure (click on the screenshot to enlarge it):



Also, do we need to mention that all the information - including the credit card number, expiration date and CVV number - is harvested by the crooks behind the scheme for later exploitation?

The malware also prevents all network communication until the victim pays up so, in a way, you may say that this fake AV is also part ransomware.

The researchers haven't said whether Dailymotion has blocked the malware-serving ads, but my guess that is they probably have by now.

The bad news about this entire situation is that Dailymotion is visited by around 17 million visitors per month, and the fake AV in question - Windows Accelerator Pro - was initially detected by just a handful of legitimate AV solutions, so the "body count" in this particular case could be considerable.









Spotlight

How to keep your contactless payments secure

Posted on 19 September 2014.  |  Fraudsters can pickpocket a victimís financial data using low-cost electronics that can fit into a rucksack. Here are the top security threats you should be aware of if youíre using a RF-based card, along with our top safety tips to keep your payments secure.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Sep 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //