Major websites hacked leaving users vulnerable

PC Advisor staff | March 26, 2013
MSN and NBC vulnerabilities leave ‘ransomware’ on unprotected PCs

Many Internet users think that so long as you visit well-known websites you'll be safe online. Yet recent research from AVG's Web Threats Research Team has identified two cybercrime campaigns coded into some of the internet's most popular sites.

With increasingly sophisticated attacks, sticking to major websites when browsing online is not enough to keep you safe anymore. Cybercriminals aren't lurking only in the internet's dark alleyways waiting to steal your details, but are brazenly hacking sites you already trust in order to install so-called 'ransomware' on your PC or tablet.

AVG's Insight Report reveals how researchers discovered a popular page on MSN Italy was redirecting visitors using malicious code that bore the traits of the 'Cool Exploit Kit' - one of the latest in a growing number of off-the-shelf malware solutions available to wannabe cybercriminals.

The malware generated a full-screen message claiming to be from the US Department of Justice, which advised users their PC had been blocked due to illegal files saved on the system's network. It's a similar tactic to the 'police' virus which has been robbing users of their cash recently.

Ransomware pop-up

Although prompted to pay a 'release fee' to regain control of the system, paying the 'ransom' did not unlock the machine or remove the malicious code. To regain control, the user (or an IT professional) had to clean boot the machine and attempt to repair it by tracking down and removing the malicious code.

A similar attack, which redirected users to 'Redkit Exploit Kit' code, was tracked by the same researchers on sites including US TV Network, Late Night With Jimmy Fallon and Jay Leno's Garage. Through JavaScript files and a Redkit Exploit Kit, unwitting visitors were directed to hundreds of websites that had also been compromised by the cybercriminals.

NBC website

The Redkit - like many exploit kits - was configured to install malware on any exploited PC; in this case it installed the Citadel Trojan, which stole users' banking credentials and other sensitive information stored on their PC. The bulk of the reports were from consumers in the US, Canada and the UK.

What might seem surprising is that these are clearly not amateur websites built and operated without thought of security or budget to keep the bad guys out - they're major websites owned by large corporations, and most people would quite naturally assume they'd be safe visiting them without fear of their computer being harmed.

Yuval Ben-Itzhak, AVG's Chief Technology Officer, said, "These cases prove that advice to stick to reputable websites to avoid cybercriminals is no longer fully valid. Of course, you'll be safer than if you browse the Internet's seedier destinations, but hacked sites are as common as ever and infected pages can be, as we see here, served from big-name sites that you would normally expect to be safe and secure."

