Threat Management, Incident Response, Malware, TDR

DailyMotion users redirected to exploits in pay-per-click ruse

Popular video sharing service DailyMotion was compromised on June 28, and briefly redirected users to the Sweet Orange Exploit kit.

Attackers “injected an iframe” onto the site, which rerouted users to a different website hosting the exploit kit, according to a blog post by Ankit Singh, security researcher at Symantec.

The exploit kit then attempted to leverage several vulnerabilities on a user's computer associated with Internet Explorer (CVE-2013-2551), Adobe Flash (CVE-201302551), and Java (CVE-2013-2460).

Although these bugs have been patched, if a user does not have the latest version of the programs and Sweet Orange successfully exploits any of the vulnerabilities, the compromised machine will download pay-per-click malware and generate revenue for the miscreants by artificially producing traffic for their web advertisements.

The site, which ranks 90 in Alexa's top 100, is no longer compromised.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.