Malware Attack that put Users at Risk

By   ISBuzz Team
Writer , Information Security Buzz | Sep 09, 2015 02:00 am PST

Match.com, is at risk from malware which could steal personal information, send spam emails and operate silently within their devices without their consent. Visitors to the site are at risk from malware which could steal personal information, send spam emails and operate silently within their devices without their consent.

Website visitors are also at risk from CryptoWall ransomware – a sophisticated Trojan that will encrypt files on a user’s computer and hold them ransom, according to Malwarebytes. CryptoWall passes users to a site where users can pay for files on their computer to be decrypted. Users can be told to pay $500 in order to free files on their computer. Security experts from Tripwire, Lieberman Software, ESET explain what users should do, the possible implications and how Match.com should handle the situation.

[su_note note_color=”#ffffcc” text_color=”#00000″]Tim Erlin, Director of Security and Product Management at Tripwire :

“The distribution of malware through advertising networks isn’t new, but the consequences of being infected remain serious. Users can have their personal information copied, or their own data held for ransom, just for visiting a site that serves up a malicious advert.

The best protection from this kind of attack is to ensure your computer is up to date with security patches. Malware often exploits a known vulnerability for which patches exist, but haven’t been applied.”[/su_note]

[su_note note_color=”#ffffcc” text_color=”#00000″]Jonathan Sander, VP of Product Strategy at Lieberman Software :

“The attack hitting Match.com users is a chain and the people in front of their computers are the weakest link. Unless their system is very old or badly configured, they will be asked if they will allow something to install at some point and they can stop all the damage by saying “no.” If you ask anyone as a hypothetical “would you say yes if a strange program asked you if it can install on your computer?” then they will say they would not. In reality, when little pop-ups appear most people simply hit “yes” to make them go away. Bad guys rely on that lack of security awareness. The best thing to protect people is not even allow them to install software by denying them the local administrative rights they need to do it. But users like to install their own screen savers and weather apps, and administrators don’t like being bothered by users for that small stuff. So security takes a back seat and malware keeps on spreading.”[/su_note]

[su_note note_color=”#ffffcc” text_color=”#00000″]Mark James, Security Specialist at IT Security Firm ESET :

“Shortened URLs are a problem for everyone these days. We always talk about checking any links you are about to press to ensure you’re not going to end up somewhere you should not. This is easier if you can read the whole link, when they are shortened or abbreviated it’s a whole new problem for users. Always, where possible, check the destination of any links before you commit to them.”

  • What should users to the site do to check if they have been affected by the malware?

“The first thing they need to do is ensure their internet security products, applications and operating systems are fully patched and up to date. As an average user, it’s your best protection. Next, go change your passwords NOW, not after dinner or tomorrow. Any passwords used on this site that happen to coincide with any passwords used on other sites should be changed immediately. Be on the lookout for emails or other means of communication that could come your way using data stolen as a result of this attack.  Also, from now on make sure that every password you use is unique if this is not already the case.”

  • What will cybercriminals be able to do with the data they obtain?

“This data can and will be used for targeted phishing attacks, anything that can be used to “up” the trust level of any correspondence from them to you with a view of obtaining more data, including credit card details, will be top of their list. If they can fool you into thinking they are legitimately from your financial company then getting those details will be a whole lot easier, they could also directly use any information they manage to obtain to log into other sites that may include credit card related websites.”

  • How should Match.com handle this situation?

“It’s very important they manage their advertising networks correctly, with the increasing attention being directed to adverts and malware.  Making sure we the users are protected from this avenue of attack is ultra important these days. Match.com need to keep their users up to date on what measures they are taking to protect their data and will need to offer some kind of credit protection for anyone involved in this breach.”[/su_note]

Subscribe
Notify of
guest
0 Expert Comments
Inline Feedbacks
View all comments

Recent Posts

0
Would love your thoughts, please comment.x
()
x