Major websites hacked leaving users vulnerable

MSN and NBC vulnerabilities leave 'ransomware' on unprotected PCs

Many Internet users think that so long as you visit well-known websites you'll be safe online. Yet recent research from AVG's Web Threats Research Team has identified two cybercrime campaigns coded into some of the internet's most popular sites.

With increasingly sophisticated attacks, sticking to major websites when browsing online is not enough to keep you safe anymore. Cybercriminals aren't lurking only in the internet's dark alleyways waiting to steal your details, but are brazenly hacking sites you already trust in order to install so-called 'ransomware' on your PC or tablet.

AVG's Insight Report reveals how researchers discovered a popular page on MSN Italy was redirecting visitors using malicious code that bore the traits of the 'Cool Exploit Kit' - one of the latest in a growing number of off-the-shelf malware solutions available to wannabe cybercriminals.

The malware generated a full-screen message claiming to be from the US Department of Justice, which advised users their PC had been blocked due to illegal files saved on the system's network. It's a similar tactic to the 'police' virus which has been robbing users of their cash recently.

Although prompted to pay a 'release fee' to regain control of the system, paying the 'ransom' did not unlock the machine or remove the malicious code. To regain control, the user (or an IT professional) had to clean boot the machine and attempt to repair it by tracking down and removing the malicious code.

A similar attack, which redirected users to 'Redkit Exploit Kit' code, was tracked by the same researchers on sites including US TV Network, Late Night With Jimmy Fallon and Jay Leno's Garage. By using JavaScript files and a Redkit Exploit Kit, unwitting visitors were directed to hundreds of websites that had also been compromised by the cybercriminals.

The Redkit - like many exploit kits - was configured to install malware on any exploited PC; in this case it installed the Citadel Trojan, which stole users' banking credentials and other sensitive information stored on their PC. The bulk of the reports were from consumers in the US, Canada and the UK.

What might seem surprising is that these are clearly not amateur websites built and operated without thought of security or budget to keep the bad guys out - they're major websites owned by large corporations, and most people would quite naturally assume they'd be safe visiting them without fear of their computer being harmed.

Yuval Ben-Itzhak, AVG's Chief Technology Officer, said, "These cases prove that advice to stick to reputable websites to avoid cybercriminals is no longer fully valid. Of course, you'll be safer than if you browse the Internet's seedier destinations, but hacked sites are as common as ever and infected pages can be, as we see here, served from big-name sites that you would normally expect to be safe and secure."

To ensure you do not fall victim to the latest malware trend, AVG suggests following the three simple steps below:

1) Scan those links: This has to be the first line of defence against web-based malware. Many security products come with link scanner capabilities already installed. After all, if you can avoid the infected pages completely, your device stands a much better chance of staying protected.

2) Security software: Link scanning is one measure you should take, but it's also important to have up-to-date antivirus security software installed. It can help prevent the malware from doing any damage by either blocking it in the first instance or, if it does manage to infect your system, removing all traces of the software.

3) Moving target: Recent research shows that mobile malware is rising. Whether you are browsing using your tablet, smartphone or laptop, stay sharp about online threats and take action to protect yourself online.
