Malware, Network Security, Threat Management, Vulnerability Management

Malvertising on Barclays Premier League fantasy site exploits Flash vulnerabilities

Malicious advertising on the Barclays Premier League official fantasy European football site fantasy.premierleague.com that redirected users to a Nuclear Exploit Kit designed to take advantage of vulnerabilities in Flash Player and compromise end-user machines, Malwarebytes researchers said in a Tuesday post.

"The Flash-based ad for a British yacht company was hosted on a highly suspicious server and distributed over https, making detection at the firewall or gateway much more difficult because it would encrypt the content of the page," the post said.

Researchers said the malware made use of Google's goo.gl URLs, which can't be entirely be blacklisted because they belong to a trusted company. It is unclear how many have been affected but the site reportedly receives more than 16 million visitors per month.

Malwarebytes contacted both the Premier League website and Google to report the malicious activities. 

Related

Antivirus updates exploited for GuptiMiner malware deployment

Intrusions hijacking the eScan antivirus software's updating mechanism have been conducted by threat actors suspected to be linked to North Korean advanced persistent threat operation Kimsuky to facilitate the delivery of the sophisticated GuptiMiner malware that would then distribute cryptocurrency mining payloads, according to BleepingComputer.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.