Did You Know?

Community Leader
Posts: 1,099
Registered: ‎06-12-2013

DailyMotion Users Affected in Malvertising Attack

[ Edited ]

Bad ads strike again, this time affecting visitors to video-sharing site DailyMotion. The site showed malicious ads to visitors and directed them to a different site pushing a fake antivirus scam.

Users visiting the DailyMotion homepage with the malicious ad were being redirected via an invisible iframe to a malicious site hosted in Poland, according to a write-up and video by security company Invincea. The malicious site displayed a warning from "Microsoft Antivirus" that a critical process must be cleaned to prevent system damage. If the user clicked on the accompanying dialog box to remove the infection, malware—in this case, a variant of the Graftor Trojan—was downloaded onto the computer.

Invincea initially uncovered and reported the problem back on January 7 http://www.invincea.com/2014/01/dailymotion-com-redirects-to-fake-av-threat/, but discovered the site was still directing users to the malicious site as of late afternoon January 31 http://www.invincea.com/2014/01/k-i-a-dailymotion-part-2-fakeav-threat/. It's not clear at this point if DailyMotion never addressed the problem and the site has been serving up malware for almost three weeks, or if it was originally fixed and the issue recurred again.

DailyMotion informed Security Watch in a support email on Saturday afternoon that the problem has been solved, but did not provide any other details. Considering that Invincea reported the problem twice within a month, the lack of information doesn't really inspire a lot of confidence in the site at the moment.


Full Article

Community Leader

Please use plain text.