Are you a UK single looking for love and passion? Be aware another threat is menacing dating communities, this time the popular dating web site Match.com and its 5.5 million British users suffered a Malvertising attack.
“In an attack similar to the one that happened last month on PlentyOfFish, the UK version of online dating site Match.com was caught serving malvertising. Both companies are actually related since the Match Group bought out POF.com last summer. This latest malvertising incident is the work of the same gang using Google shortened URLs leading to the Angler exploit kit.” states a blog post published by Malwarebytes.
The infection flaw reported by the researchers at MalwareBytes is composed of the following steps:
Malvertising campaigns are very profitable for hackers as explained by Malwarebytes, once infected the PC, the attackers could also serve CryptoWall ransomware.
“The cost per thousand impressions (CPM) for the booby trapped ad was only 36 cents, which is nothing compared to how much infected computers can bring in terms of revenues. For instance, CryptoWall demands $500 per victim. We alerted Match.com and the related advertisers but the malvertising campaign is still ongoing via other routes.” said Jérôme Segura, senior security researcher at Malwarebytes.
A spokesperson for Match.com UK said:
“We take the security of our members very seriously. Earlier today we took the precautionary measure of temporarily suspending advertising on our UK site whilst we investigated a potential malware issue. Our security experts were able to identify and isolate the affected adverts, this does not represent a breach of our site or our users’ data.” “To date we have not received any reports from our users that they have been affected by these adverts. Nonetheless, we advise all users to protect themselves from this type of cyber-threat by updating their antivirus / anti malware software.”
This is the last attack against dating websites in order of time, a few weeks ago Ashley Madison suffered a major data breach, later visitors of the PlentyOfFish portal were targeted and last week I reported a large-scale campaign conducted by alleged Russian hackers that hit a number of dating websites.
(Security Affairs – Mach.com, malvertising)