![]() That gives the attacker full control of a system including file transfer and remote access. The end result of an infection with the FakeUpdates campaign is that your system runs the Chtonic banking malware, which is a variant of ZeusVM. If a system isn't attractive enough, the script can shut down without installing malware. The script analyzes the victim's system and gives the attacker flexibility in delivering the actual payload. The Dropbox URL frequently changes to avoid detection and blocking. Instead, a malicious JavaScript file is served up from Dropbox. If you do fall for the fake update, you don't get an executable. The styling of these pages looks spot-on. There's a version for Flash updates, too. So Firefox users get a page about running an old version of Firefox, and it's the same for Chrome users. The update notification (which is a redirected URL) is themed to match your browser. For one, it only serves the fake update notification once per IP address. This is a clever attack that uses a light touch with a site's visitors. You might wonder how this attack could pop up on thousands of websites for months without detection until recently. When you visit one of these infected sites, you'll get a fake update notification (hence the name) that kicks off the infection. Sites using WordPress, SquareSpace, and Joomla content management systems have been targeted by the group behind this so-called "FakeUpdates campaign." The attackers either modify or replace JavaScript files on the site in order to target visitors. ![]() The attack most likely began late last year, and some site operators began noticing something was afoot in February. According to Malwarebytes (Opens in a new window), there are probably thousands of affected sites. There's a new piece of malware making the rounds online via hacked websites that uses sophisticated redirects and modified JavaScript to load a malicious payload on your computer. Most malware attacks rely on fooling users into launching a corrupted executable file, and online criminals have come up with plenty of ways to do that. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |