• United States



by PC Advisor staff

Major websites hacked leaving users vulnerable

Mar 25, 20134 mins
Data and Information SecuritySecurityViruses

MSN and NBC vulnerabilities leave 'ransomware' on unprotected PCs

Many Internet users think that so long as you visit well-known websites you’ll be safe online. Yet ,recent research from AVG’s Web Threats Research Team has identified two cybercrime campaigns coded into some of the internet’s most popular sites.

With increasingly sophisticated attacks, sticking to major websites when browsing online is not enough to keep you safe anymore. Cybercriminals aren’t lurking only in the internet’s dark alleyways waiting to steal your details, but are brazenly hacking sites you already trust in order to install so-called ‘ransomware’ on your PC or tablet. See also: Why the police virus was so effective

AVG’s Insight Report reveals how researchers discovered a popular page on MSN Italy was redirecting visitors using malicious code that bore the traits of the ‘Cool Exploit Kit’ – one of the latest in a growing number of off-the-shelf malware solutions available to wannabe cybercriminals.

The malware generated a full-screen message claiming to be from the US Department of Justice, which advised users their PC had been blocked due to illegal files saved on the systems network.It’s a similar tactic to the ‘police’ virus which has been robbing users of their cash recently.

See also: What are the biggest mobile threats in 2013?

Although prompted to pay a ‘release fee’ to regain control of the system, paying the ‘ransom’ did not unlock the machine or remove the malicious code. To regain control, the user (or an IT professional) had to clean boot the machine and attempt to repair it by tracking down and removing the malicious code.

A similar attack which redirected users to ‘Redkit Exploit Kit’ code was tracked by the same researchers on sites including US TV Network, Late Night With Jimmy Fallon and Jay Leno’s Garage. By using Javascript files and a Redkit Exploit Kit unwitting visitors were directed to hundreds of websites that had also been compromised by the cybercriminals.

The Redkit – like many exploit kits – was configured to install malware on any exploited PC; in this case it installed the Citadel Trojan, which stole users banking credentials and other sensitive information stored on their PC. The bulk of the reports were from consumers in the US, Canada and the UK.

What might seem some surprising is that these are clearly not amateur websites built and operated without thought of security or budget to keep the bad guys out – they’re major websites owned by large corporations, and most people would quite naturally assume they’d be safe visiting them without fear of their computer being harmed.

Yuval Ben-Itzhak, AVG’S Chief Technology Officer said, “These cases prove that advice to stick to reputable websites to avoid cybercriminals is no longer fully valid. Of course, you’ll be safer than if you browse the Internet’s seedier destinations, but hacked sites are as common as ever and infected pages can be, as we see here, served from big-name sites that you would normally expect to be safe and secure.”

To ensure you do not fall victim to the latest malware trend AVG suggests following the three simple steps below:

1) Scan those links: This has to be the first line of defence against web-based malware. Many security products come with link scanner capabilities already installed. After all, if you can avoid the infected pages completely, your device stands a much better chance of staying protected.

2) Security software: Link scanning is one measure you should take, but it’s also important to have up to date antivirus security software installed. It can help prevent the malware from doing any damage by either blocking it in the first instance or, if it does manage to infect your system, removing all traces of the software.

3) Moving target: Recent research shows that mobile malware is rising. Whether you are browsing using your tablet, smartphone or laptop stay sharp about online threats and take action to protect yourself online.

You may also be interested in our security software reviews