Looking for a date in time for Valentine’s Day? If you’re using Tinder, be careful when swiping right. Cybersecurity researchers discovered security flaws in the popular dating app that could allow hackers to discover users’ private data and personal preferences, like the photos of users they’ve swiped right or left on. In other cybersecurity news, a cybercrime “conglomerate” named Zirconium has been found responsible for the largest malvertising operation of 2017. Using a network of 28 fake ad agencies, Zirconium strategically placed ads that led users to malicious websites pushing scams or fake software updates. The campaigns were so successful – and so sneaky – that they generated 1 billion ad views in 2017.
Internet-connected devices can make our lives easier, from home assistants like Amazon Echo, to interactive toys like CloudPets. However, they’re also inherently insecure and easily hacked, a factor many overlook in favor of convenience. In our latest Decoding Security podcast, Website Security Research Analysts Jessica Ortega and Michael Veenstra discuss the risks of using internet-connected devices in our everyday lives, and the costs of security versus convenience.
Earlier this week, security researchers reported on a trending adware infection known as Fireball. Sourced to the Chinese marketing firm Rafotech, reports indicate a footprint of more than 250 million infected machines worldwide. While the infection currently appears to only make changes to victims’ browser homepages and search engines, analysis suggests that the software could be remotely leveraged to act as a malware dropper. A malware dropper is a program that can be used to remotely install malicious software onto a victim’s computer or network. This can be performed after any amount of time following the installation of the dropper itself.
If true, it’s possible that infected systems could be made part of a botnet and used to carry out new types of attack over the Internet.
The Fireball adware is being distributed via freeware software installers through a method known as bundling. You’re likely to have seen bundling yourself at some point. Legitimate software developers use bundling as a way to monetize the release of otherwise free software. When you download and install such a program to your computer, you may notice that you’re being asked to install additional, unrelated software, like toolbars or free trials of a different company’s programs. While annoying, most cases of bundling are simply a way for developers to make money while releasing a free product. However, this can also be used to deliver PUA (Potentially Unwanted Applications), like adware, software that can track your behavior online and serve advertisements based on this data.
Because of this, it’s important to remain mindful of the sources of programs you install. Cracked versions of paid products frequently include malicious files that can be used to infect your systems. For website owners, this also applies to pirated versions of software that you might want to install on your website, like premium WordPress plugins and themes. Even if the pirated files are free of malware, they do not typically receive security patches from the original developers, or they could be configured to download a malicious component at a later time. This can open your website to a myriad of vulnerabilities that can be exploited by attackers to cause further damage to your online reputation.
Another point to consider, in the wake of Fireball’s massive online footprint, is the potential for damage caused by a botnet of this size. Malicious tasks that would be practically impossible for a single machine to perform (bulk hash cracking, login bruteforcing, denial of service attacks, etc.) become trivial when an attacker can utilize a quarter billion machines simultaneously to accomplish their goals. The potential for mobilization on this scale means it’s as important as ever to ensure tight security on all of your systems.
Strong passwords are a good start. Changing passwords regularly is another important step, given the frequency of major data leaks across the internet. By changing your credentials, you render a previously leaked password useless.
Protecting your website from bot traffic is a critical step in preventing malicious activity on your site. SiteLock TrueShield, a web application firewall, provides effective traffic filtering that can drastically limit the impact of these attacks. Contact a SiteLock Website Security Consultant at 855.378.6200 to find the right security package for your business. We are available 24/7/365 to help.
Can you tell the difference between the two ads below?
Advertisement A Advertisement B
They may appear to be identical, but actually, they are far from it. Advertisement A is a perfectly legitimate ad, while Advertisement B contains malware.
Advertisement B is an example of malvertising, or malicious advertising. Malvertising is a hack cybercriminals use to spread malware via online advertisements. As you can see, malvertisements are deceiving and the damage can go beyond your website by infecting your computer with malware.
It’s easy to get wrapped up in the holiday frenzy. With the allure of Cyber Monday markdowns, it’s easy to forget to use proper precautions when shopping online. Everyone expects that all the ecommerce sites are safe, but there is always the possibility of getting tricked into visiting a website managed by cybercriminals. Here are a couple things to be mindful of as you shop online this weekend.