Match.com denies users are at risk from malware infection


Using online dating sites? Keep safe - and that's not a warning against the people you date.

It emerged yesterday that UK users of Match.com may have been at risk after a possible malware attack on the site, the latest cybercrime against online dating sites after the hack of extramarital service Ashley Madison.

The site has since released a statement denying that users' data was breached, yet acknowledging a security issue with some of its adverts.

"We take the security of our members very seriously," said Match.com. "Earlier today we took the precautionary measure of temporarily suspending advertising on our UK site whilst we investigated a potential malware issue.

"Our security experts were able to identify and isolate the affected adverts, this does not represent a breach of our site or our users' data."

The malware in question could steal personal details and send users spam emails, according to research firm Malwarebytes (via BBC News). Users are at risk from ransomware spread by malicious advertising on the site, the firm said.

The site added: "The issue identified today is related to malware within advertising that was published on our site, to be clear is not a breach of our site or user data. Like many websites, Match.com's advertisements are provided by third party partners and we have worked closely with them to respond quickly to this potential vulnerability."

Most at risk were thought to be those users with outdated browsing software and plugins such as Flash, Silverlight, Reader and Java, which could allow the malicious software to load onto their PC or device before locking them out.

"To date we have not received any reports from our users that they have been affected by these adverts," Match.com continued. "Nonetheless, we advise all users to protect themselves from this type of cyber-threat by updating their antivirus/anti malware software."

The dating site currently has 27.3m visitors per month, seven per cent of which come from the UK.

Earlier this year, a report from threat detection firm Damballa revealed hackers are using click fraud to distribute ransomware, while Bitdefender uncovered a scam email campaign that was locking Android devices and demanding a $500 release fee.

"We're seeing these types of attacks happen more and more," said a spokesperson for Malwarebytes. "Companies should always have effective measures in place to monitor for these malicious ads."

Following the massive hack on Ashley Madison and subsequent exposure of 37m customers' data, leaked internal documents revealed that the company had been aware of a "lack of review of security measures," which may have left them vulnerable.

A statement from parent company ALM said: "This event is not an act of hacktivism, it is an act of criminality. It is an illegal action against the individual members of AshleyMadison.com, as well as any freethinking people who choose to engage in fully lawful online activities. The criminal, or criminals, involved in this act have appointed themselves as the moral judge, juror and executioner, seeing fit to impose a personal notion of virtue on all of society. We will not sit idly by and allow these thieves to force their personal ideology on citizens around the world."

Last month, a malvertising campaign took control of Yahoo's advertising network for four days, putting hundreds and millions of people at risk of being infected.

Liz Fitzsimons, data security expert at law firm Eversheds, commented on the recent attacks saying: "Following today's attack on match.com and the recent monumental data security breach at Ashley Madison, relationship website operators and users should be aware they are being specifically targeted by cyber criminals and must take extra care to protect their data."

Yet others, such as Lancope's vice president of threat intelligence, Gavin Reid, are keen to point out the differences between this and other recent cases.

"It is important to not confuse the attack at Match with full site compromises like the recent hack of Ashley Madison," he said. "The information on this attack shows a much different issue of malvertising (ads that contain links to malware) being viewed on their website. Malvertising has plagued online websites, with almost all of the top 100 sites having hosted them at some time."

According to Dr David Chismon, senior researcher at MWR, the choice of CryptoWall and Bedep payloads indicates that the attackers are interested in compromising consumers and individuals for data ransom purposes.

"However, users increasingly blur work and personal lives and people browsing Match.com from their work computer may lead to their corporate computer being infected and potential files on any mapped fileshares encrypted and ransomed," he said.

"Furthermore, there is a risk that attackers discover they have compromised computers of note and sell that access onto attackers with more interest in information theft."

Caroline Preece
