Friday, March 29, 2024
Search
  
Saturday, July 5, 2014
 Dailymotion Compromised to Send Users to Exploit Kit
You are sending an email that contains the article
and a private message for your recipient(s).
Your Name:
Your e-mail: * Required!
Recipient (e-mail): *
Subject: *
Introductory Message:
HTML/Text
(Photo: Yes/No)
(At the moment, only Text is allowed...)
 
Message Text: Symantec disclosed that the popular video sharing website Dailymotion was recently compromised to redirect users to the Sweet Orange Exploit Kit.

The attack, which occured on June 28 according to the security firm, took advantage of vulnerabilities in Java, Internet Explorer, and Flash Player. If the vulnerabilities were successfully exploited during the campaign, pay-per-click malware was then downloaded on the victim?s computer.

The attackers injected an iframe into the Dailymotion website which redirected users to a different website. This website in turned sent users to a highly obfuscated landing page of the Sweet Orange Exploit Kit. The exploit kit detected any vulnerable plugins on the user's computer and dropped the exploits accordingly. If the kit successfully exploited any of those vulnerabilities, then Trojan.Adclicker was downloaded onto the victim's computer. This malware forced the compromised computer to artificially generate traffic to pay-per-click Web advertisements in order to generate revenue for the attackers.

Dailymotion is no longer compromised, as users are currently not being redirected to the exploit kit.

Dailymotion is a very popular website so the attackers could have potentially infected a substantial amount of users? computers with malware through this attack. Symantec found that that the campaign mainly affected Dailymotion visitors in the US and Europe.

Dailymotion did not immediately respond to a request for comment.


 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2024 - All rights reserved -
Privacy policy - Contact Us .