How a fake antivirus attack works
Posted on 03.02.2014
Earlier this month, Invincea researchers have warned about visitors of video-sharing website Dailymotion being targeted with malicious ads leading to bogus infection warnings and the download of a fake AV solution.

Unfortunately, the warning still stands, as the popular website - 96th most popular in the world, with tens of millions of unique visitors each month - is still bombarding visitors with the fake warnings.

The approach is the same as it was before, and the attack is likely very effective as it is very convincing, as you can see in this demo recorded by the researchers:

Not only do the victims get saddled with malware, but they are likely to pay for the "full version" of the fake AV (some $100) and have their credit card details stolen in the process.

The researchers have again alerted Dailymotion about the problem, but have confirmed that they their initial notification went unacknowledged.

I wonder if the problem lies in the fact that the company has passed into the hands of France Telecom's Orange around the same time the initial attack was spotted. Maybe the scammers took advantage of the understandable commotion following such a change?

Anyways, the malware served in this attack is still detected only by a handful of commercial AV solutions, so avoiding DailyMotion's website is a good idea for now.


Pen-testing drone searches for unsecured devices

You're sitting in an office, and you send a print job to the main office printer. You see or hear a drone flying outside your window. Next thing you know, the printer buzzes to life and, after spitting out your print job, it continues to work and presents you with more filled pages than you expected.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Oct 9th