DailyMotion Serves Malevolent Ads Diverting Onto Bogus Anti-Virus; Invincea
Invincea the security company reveals that DailyMotion a video-sharing website that is popular among Web-surfers has been compromised to make it serve malevolent advertisements diverting end-users onto one bogus anti-virus scam, reported threatpost.com dated January 7, 2014. The malicious operation first came to the notice of Invincea on 7th January 2014 itself.
Reportedly, as per California-situated Alexa an affiliate firm of Amazon.com that serves business data from Web-traffic, DailyMotion draws 17m visitors every month as well as ranks No.95 on the list of the most frequently visited websites.
Invincea explains how DailyMotion visitors through the malevolent advertisements were being diverted onto an intermediary URL in Poland. Ten anti-virus engines of VirusTotal's 47 could identify the threat, with the majority identifying it as Trojan Graftor. According to the security company, the first ad doing the diversion is planted through engine[.]adzerk[.]net.
Soon as anyone accesses the top-page of DailyMotion, one behind-the-screen iFrame diverts him onto the fake AV campaign that cautions about one crucial process which should get sanitized for averting system damage. Thereafter, one dialog box appears for the victim which claims it can get his PC rid of the anomaly. In case the person acquiesces, he gets directed towards executing one file that's actually a malevolent executable.
In the meantime, Invincea, without any delay, has brought the assault to the notice of DailyMotion. But, since the security company isn't certain whether the website stands sanitized, people mustn't visit it till Invincea confirms.
Incidentally, the DailyMotion attack comes only some days after one likewise malvertising assault struck Yahoo.com and its users, and which the Netherlands-situated Fox IT an online security company first identified.
In that assault, the malevolent advertisements got delivered from ads.yahoo.com, while the iFrames led onto contaminated documents that non-Yahoo servers hosted. People visiting the advertisements subsequently got diverted onto "Magnitude" an attack toolkit.
However, to stay away from the above fake anti-viruses, people must first not remit the fees demanded, as the infections aren't real, while the security software too is spurious. Besides, computer owners must always keep their security software up to date; advise security specialists from Invincea.
» SPAMfighter News - 16-01-2014