SourceForge and GitHub Pages Used for Distributing Ransomware
According to researchers from the security company GFI Software, online crooks have been planting malicious web links in large numbers on SourceForge and GitHub pages in order to distribute ransomware using an exploit kit called Stamp EK.
The researchers also disclose that the links appear to lead to adult photos of famous personalities such as American film actresses, news reporters, wrestlers or singers. When anyone clicks on the links, he is led either to a bogus YouTube page or to a site that hosts explicit photographs.
Reportedly, these sites host Stamp EK, which pushes ransomware onto the victims' PCs.
The ransomware samples, the researchers noticed, are Reveton or Weelsof variants which, once they infect a PC, block the user from using the system. The demand for a ransom of EUR225 or USD300 is frequently accompanied by a text that blames the machine for downloading porn.
Responding to GFI's finding, a SourceForge spokesperson stated that the website's administrators knew about the unauthorized individuals who had been misappropriating SourceForge's brand and reputation to promote illegal malware. They therefore wished to say that in the current instance no malware was being delivered from SourceForge. Moreover, the site administrators were working to ensure the links were removed from different Internet reference points or search engines so that future potential victims could be spared, the spokesperson assured. Thenextweb.com published this on February 7, 2013.
Additionally, the spokesperson stated that SourceForge's mission was to remain a trustworthy name in the sphere of open-source software. The company worked with other open-source developers and with end users to host and distribute innumerable software projects on a daily basis. SourceForge would keep working on the matter until a final resolution was achieved, and it would do everything possible to ensure the site maintained its commitment to its mission, the spokesperson concluded.
Meanwhile, consumers have been urged to avoid following any suspicious links on either SourceForge or GitHub. Moreover, if anyone's PC is infected with ransomware, he should not make the payment demanded but should instead remove the malware using a rescue disk or malware-removal software.
» SPAMfighter News - 14-02-2013