contador web Saltar al contenido

Malware impersonates porn site to infect computers | Security

Spelevo, a kit that works as a platform for distributing various types of malware, has changed the way it attacks and infects computers. In the new approach, the kit takes the user to a fake adult content site, encouraging them to download a video codec to be able to watch the videos. The information was revealed by security experts at Malwarebytes, last Wednesday (18). According to the company, statistics show that at least one such campaign can generate millions of visits per month to the fake website, which distributes the packaged viruses via Spelevo.

READ: Worst Passwords of 2019: Ranking Reveals Which Words You Shouldn't Use

Vulnerability exploitation kit uses social engineering to distribute Trojan horse that steals bank details Photo: Reproduction / FreepikVulnerability exploitation kit uses social engineering to distribute Trojan horse that steals bank details Photo: Reproduction / Freepik

Vulnerability exploitation kit uses social engineering to distribute Trojan horse that steals bank details Photo: Reproduction / Freepik

Want to buy cell phones, TV and other discounted products? Meet Compare TechTudo

According to analyzes by Malwarebytes' technicians, the intention behind the modification is to create a new malware distribution vector. The attack works by first scanning the victim's computer for vulnerabilities in Internet Explorer and Flash Player. If the check does not detect any flaws, the user is immediately taken to the fake porn site.

Also according to experts, the new campaign has as its first objective to distribute Ursnif, a Triathlon horse designed to discover bank data of the user. If the attempt fails and the user ends up downloading the fake video codec, the computer may end up infected with Qbot, another malware linked to financial crimes.

In the post detailing the operation, the specialist Jrme Segura notes that this type of social engineering attack still works because many people remember a time when it was common to need to download codecs to view content on the Internet.

Fake porn site presents a message for the user to download a fake codec that is actually the virus Photo: Divulgao / MalwarebytesFake porn site presents a message for the user to download a fake codec that is actually the virus Photo: Divulgao / Malwarebytes

Fake porn site presents a message for the user to download a fake codec that is actually the virus Photo: Divulgao / Malwarebytes

The alert is important because it reinforces the need for the user to always be careful about what he / she downloads from the Internet, in addition to being attentive to the websites he / she browses and the pages that open themselves in the browser. Other security measures to prevent attacks of this type are to use an always up-to-date system, something that should address the known vulnerabilities of Internet Explorer and Flash Player, and also have an antivirus tool up to date.

Via Malwarebytes, Bleepingcomputer

How to remove virus from flash drive

How to remove virus from flash drive