How a fake antivirus attack works
Posted on 03.02.2014
Earlier this month, Invincea researchers have warned about visitors of video-sharing website Dailymotion being targeted with malicious ads leading to bogus infection warnings and the download of a fake AV solution.

Unfortunately, the warning still stands, as the popular website - 96th most popular in the world, with tens of millions of unique visitors each month - is still bombarding visitors with the fake warnings.

The approach is the same as it was before, and the attack is likely very effective as it is very convincing, as you can see in this demo recorded by the researchers:


Not only do the victims get saddled with malware, but they are likely to pay for the "full version" of the fake AV (some $100) and have their credit card details stolen in the process.

The researchers have again alerted Dailymotion about the problem, but have confirmed that they their initial notification went unacknowledged.

I wonder if the problem lies in the fact that the company has passed into the hands of France Telecom's Orange around the same time the initial attack was spotted. Maybe the scammers took advantage of the understandable commotion following such a change?

Anyways, the malware served in this attack is still detected only by a handful of commercial AV solutions, so avoiding DailyMotion's website is a good idea for now.









Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //