How a fake antivirus attack works
Posted on 03.02.2014
Earlier this month, Invincea researchers have warned about visitors of video-sharing website Dailymotion being targeted with malicious ads leading to bogus infection warnings and the download of a fake AV solution.

Unfortunately, the warning still stands, as the popular website - 96th most popular in the world, with tens of millions of unique visitors each month - is still bombarding visitors with the fake warnings.

The approach is the same as it was before, and the attack is likely very effective as it is very convincing, as you can see in this demo recorded by the researchers:


Not only do the victims get saddled with malware, but they are likely to pay for the "full version" of the fake AV (some $100) and have their credit card details stolen in the process.

The researchers have again alerted Dailymotion about the problem, but have confirmed that they their initial notification went unacknowledged.

I wonder if the problem lies in the fact that the company has passed into the hands of France Telecom's Orange around the same time the initial attack was spotted. Maybe the scammers took advantage of the understandable commotion following such a change?

Anyways, the malware served in this attack is still detected only by a handful of commercial AV solutions, so avoiding DailyMotion's website is a good idea for now.









Spotlight

Free security software identifies cloud vulnerabilities

Posted on 21 October 2104.  |  Designed for IT and security professionals, the service gives a view of the data exchanged with partner and cloud applications beyond the network firewall. Completely passive, it runs on non-production systems, and does not require firewall changes.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Oct 21st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //