Even though cybercriminals are becoming smarter as days go by, one can still safeguard themselves by staying updated and adopting proper security measures.
Alternatively, however, if an individual decides to venture directly into the den of malicious actors- visit fraudulent or adult-themed websites, then it is very much likely that one will fall prey to the multiple tripwires such websites have in place.
It has been recently discovered that a cybercrime group, over the past month, has been infecting adult-themed website users with malware by using ads which redirect them to exploit kits. The group is called ‘Malsmoke’ and it is known to operate on a huge scale. They have built quite a reputation for abusing various adult website ad networks.
A US-based cyber-security firm, named Malwarebytes, has long been tracking this cybercrime group’s attacks. The company has found that Malsmoke, most of the time, places their ads with malicious intent, aka malverts, on various mid-tier adult portals.Â
However, as of recently, they hit the ‘jackpot’ because they managed to sneak their ads on one of the biggest adult video portals with billions of visitors known as xHamster – one of the highly popular adult video content websites in the world.Â
The malicious ads which are deployed by this group use JavaScript trickery which then makes sure the users are redirected from the adult portal to a malicious site hosting an exploit kit.
And, that how ordeal of those unsuspecting users starts.
Once a user is redirected to a malicious site, the exploit kits do the job of finding out the various vulnerabilities in Adobe Flash Player or Internet Explorer in order to install the malware on the user’s devices with the payloads such as Smoke Loader, Raccoon Stealer, and ZLoader.
Note here that only Internet Explorer or Adobe Flash vulnerabilities were getting targeted by these malicious ads.
The attacks are very old-school and it can sort of be considered almost defunct as modern browsers are not susceptible to these and are harder to hack.
Most internet users in this day and age have either uninstalled both Flash and I.E. or have moved to Chrome and Firefox thus these exploit kits can only infect a limited set of people.
Flash is being officially killed off by the end of the year and Internet Explorer is similarly being phased out slowly by Microsoft. Therefore, it can be said that these malware attacks are sort of the last hurrah for these cybercriminal groups.
Malwarebytes, in a report published earlier this week, said that despite repeated recommendations from Microsoft and various security professionals, there are still a handful number of people, both consumers and enterprises across the world who are yet to upgrade to the modern browsers. Thus, in their case, these exploit kits can still do much harm by taking advantage of the vulnerabilities these defunct technologies are riddled with.
All in all, these are two main highlights that one needs to take note of here;
- Never visit websites or web portals which are filled with numerous popups and shady ads. These are almost 100% of the time meant to do some harm or the other to your system.
- We must start adopting all the newer form of upgrades that are rolled out on a constant basis in order to deal with security vulnerabilities.
So, if you are among those few old schools who are scared from new changes and are still hooked with obsolete technologies or old browsers, make sure you get them upgraded as soon as possible.
Remember, prevention is better than cure!
if you have anyone in your contact who has been recently targeted by these malicious actors, do share his/her ordeal in the comment section below to spread awareness.
