Security researchers have discovered malicious adverts on the UK version of dating site Match.com. Malwarebytes, which found the cyber-threat, said that anyone caught by the ads could fall victim to ransomware.
Malicious ads were appearing on pages of the site via an ad network that passes content to Match.com and other places, redirecting those who click on the adverts through a series of links to a site embedded with code that checks if a visitor is running outdated versions of commonly-used software.
Bugs in the versions of Flash, Java, Adobe Reader and Silverlight used in browsers were all being exploited by the malicious code. Once compromised, the machine could be hit by one of several different attacks. The servers themselves have not been breached. The assault against users of Match.com is basically geared toward variants of the CryptoWall ransomware and the Bedep ad fraud Trojan.
Malwarebytes said it was unclear as to how many people fell victim to the malicious adverts since the booby-trapped ads were served through a network that provided content to many sites. Match knew about the ads and is investigating the issue and working to clean up the site's feed. “We take the security of our members very seriously indeed,” said a spokesperson for Match.com.
David Kennerley, senior manager for threat research at Webroot commented, “Malvertising attack is becoming a go-to method for fraudsters, with Yahoo! and Australian operator Telstra also falling foul last month. Money is the primary motivation for attacks of this nature and often these malicious ads are for additional attacks.” Earlier hackers claimed to have personal details of more than 37 million cheating spouses on dating website Ashley Madison and have threatened to release nude photos and sexual fantasies of the site's clients unless it is shut down.
