Monday, 16 June 2014

DeviantArt Malwaretising Campaigns lead to Potentially Unwanted Apps

DeviantArt Malwaretising
Today, the estimated number of known computer threats like viruses, worms, backdoors, exploits, Trojans, spyware, password stealer, and other variants of potentially unwanted software range into millions. It has the capability to create several different forms of itself dynamically in order to thwart antimalware programs.

Users of the biggest online artwork community, DevianART with Global Alexa Rank 148, are targeted by the potentially unwanted software programs -- delivered by the advertisements on the website, Stop Malvertising reported on Sunday.

A Potentially Unwanted Application (PUA) is a program that may not be intentionally malicious, but can negatively affect the performance and reliability of the system by distributing spyware or adware that can cause undesirable behavior on the computer. Some may simply display annoying advertisements, while others may run background processes that cause your computer to slow down. However, unlike malware, users themselves consent to install a PUA into their systems.

The malicious advertisements are delivered via newly registered (3rd March 2014) domains - Redux Media (www.reduxmedia.com) and avadslite.com. "Over the past months, this domain has been seen to resolve to the following IP addresses: 107.20.210.36 (2014-05-01), 54.243.89.71 (2014-05-01) and 184.170.128.86 (2014-05-25). According to VirusTotal, malware has communicated with the last two IP addresses." Kimberly from Stop Malvertising said.

Once the user click on the Ad served by the DevianArt website, they are redirected to the Optimum Installer, a source of Potentially Unwanted Applications (PUA's) that downloads legitimate software applications as well as bundled third-party software including toolbar.
malware ad
As shown, a pop-under warning will urge users to "update Media Player", immediately followed by a second advertisement to "update Windows 7 Drivers" to avoid vulnerabilities, reduce crashes and ensure an optimal browsing experience. This is just a scam nothing more or less, do not fall for it.

Obviously, these are well known social engineering techniques to trick the computer user into installing malicious or ad-support software. Such infection are designed specifically to make money, generate web traffic, and will display advertisements and sponsored links within your web browser.

You should always pay attention when installing software because often, a software installer includes optional installs, such as this “Update Windows 7 Drivers” adware. Be very careful what you agree to install. Stay Safe.
Reference- http://thehackernews.com/

No comments:

Post a Comment