Hackers have branched out into a new scheme which mimics the URLs of certain videos and ads, getting you to click on them, and then re-directing you to malware-installing pages. Malware, or “malvertising” poses its largest risk at the “zero-day” point, where hackers are able to blindside most individuals, businesses, and even some security companies by ambushing databases or networks at the point of access vulnerabilities previously unseen or unknown by users or network owners. Malware videos do what’s called an “exploit” of vulnerabilities at the front-end user interface point.
[youtube https://www.youtube.com/watch?v=-2mU_F0ePNQ]Exploiting Trust
Malware video hackers exploit the trust of Web surfers via tricking them with normally familiar URLs that are one letter or character off of their proprietary spelling. Those who aren’t exactly vigilant about what links they click on, or assume that the mimic URL is one from a trusted company get a rude awakening in the form of being escorted to a site that will, like ransomware, hold your computer hostage until you meet the hackers’ demands for payment. And, as Dana Torgersen of Malwarebytes explains, “the hackers will then alert you that ‘We know you’ve done such and such online and we will share your private activity unless you pay up’.”
Choose Your Exploits Well
What’s the answer to this latest iteration of hackerism? Choose your exploits well, that’s how. And, install the proper protections from video malware attacks. Malwarebytes offers an anti-exploit malware-fighting program for those concerned about their data safety when navigating video sites online. And, it’s not just video streaming sites you have to be leery of. Video malware “mimics” are also mimicking ads for your favorite products and services, basing those attacks on the same (lack of) principles on which their video attacks work.
Lessons and Preventive Measures
Hackers enjoy shaming their victims and then bluffing them with arbitrary dollar amounts owed that sound too specific not to be true to many who experience these malware attacks. As Christopher Boyd (AKA Paperghost), Malware Intelligence Analyst with Malwarebytes advises, “Don’t pay them. Those who continue to pay these hackers keep enabling them to do their crimes. Having them share pictures or your recent (even racy) browsing history is worth enduring. It simply isn’t worth it” Jerome Segura, Malwarebytes Senior Security Researcher advises non-compliance with malware hackers and FBI ransomware (malware that locks up your computer and tells you the FBI is aware of your activity and that you need to pay so-and-so to release it), telling his customers to be extremely careful about the content they browse and visit, especially pornographic sites, which see an inordinately high number of malware “ambushes”.
“Crush Malware” is the Malwarebytes company slogan, which is good all-around advice for anyone doing business (many businesses routinely work in or on video streaming sites) or just navigating the Web. Crush it with a package from Malwarebytes that will stop malware exploits in their tracks, allowing you to freely browse the Web once again.