Incident Response, TDR, Threat Management

Malware attacks hit Match.com UK site

Security researchers have discovered malicious adverts on the UK version of dating site Match.com.  Malwarebytes, which found the cyber-threat, said that anyone caught by the ads could fall victim to ransomware.

Malicious ads were appearing on pages of the site via an ad network that passes content to Match.com and other places, redirecting those who click on the adverts through a series of links to a site embedded with code that checks if a visitor is running outdated versions of commonly-used software.

Bugs in the versions of Flash, Java, Adobe Reader and Silverlight used in browsers were all being exploited by the malicious code. Once compromised, the machine could be hit by one of several different attacks. The servers themselves have not been breached.

The assault against users of Match.com is basically geared toward variants of the CryptoWall ransomware and the Bedep ad fraud Trojan.

Malwarebytes said it was unclear as to how many people fell victim to the malicious adverts since the booby-trapped ads were served through a network that provided content to many sites.

Match knew about the ads and is investigating the issue and working to clean up the site's feed. “We take the security of our members very seriously indeed,” said a spokesperson for Match.com.

David Kennerley, senior manager for threat research at Webroot commented, “Malvertising is becoming a go-to method for fraudsters, with Yahoo! and Australian operator Telstra also falling foul last month. Money is the primary motivation for attacks of this nature and often these malicious ads are for additional attacks.”

This story originally appeared on SCMagazineUK.com.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.