Perez Hilton malware strikes millions of users

Gossip site with 500,000 daily visitors serves up double order of malvertising

The website of celebrity gossip hound Perez Hilton has been serving malware to visitors, it has been revealed, with potentially millions of users affected.

The site was afflicted with malvertising, where adverts on a legitimate site are used to host malware. In this case, users clicking on the ads would have been redirected to the notorious Angler exploit kit, which detects vulnerabilities in Flash and Java and uses them to deploy other malware onto victims' PCs.

According to Nick Bilogorsky, senior director of threat intelligence at Cyphort, PerezHilton.com was used to host two malvertising campaigns.

The first was detected on 30 April, when unfortunate victims would have been redirected via the malicious advert to Angler, which typically deploys Bedep malware onto their computer. Bedep, in turn, downloads CryptXXX ransomware.

Advertisement
Advertisement - Article continues below

The second, which Cyphort researchers discovered on 6 May, used a different exploit kit, a different redirector, and used Amazon Cloudfront CDN to distribute the malware.

"Malvertising continues to be one of the preferred vectors for attackers to compromise users' machines with malware," said Bilogorsky. "Many users fought back by disabling all advertising to secure themselves. Nearly 200 Million now use Adblock, according to Statista. In 2015, this form of ad blocking cost publishers nearly $22 Billion dollars."

To help mitigate this, Bilogorsky said: "Advertising networks should use continuous monitoring - automated systems for repeated checking for malware ads, need to scan early and scan often, picking up changes in the advertising chains, and leverage the latest threat intelligence to power these monitoring systems."

In a post on Graham Cluley Security News, David Bisson advised: "At the very least, ordinary users should make a special point of implementing all software and security updates as soon as they become available. Doing so will not stop a malvertising campaign from redirecting them to a malicious website, but it could prevent an exploit kit like Angler from taking advantage of open software vulnerabilities on their computers."

Featured Resources

Application security fallacies and realities

Web application attacks are the most common vulnerability, so what is the truth about application security?

Download now

Your first step researching Managed File Transfer

Advice and expertise on researching the right MFT solution for your business

Download now

The KPIs you should be measuring

How MSPs can measure performance and evaluate their relationships with clients

Download now

Life in the digital workspace

A guide to technology and the changing concept of workspace

Download now
Advertisement

Recommended

Visit/malware/33080/hackers-abuse-linkedin-dms-to-plant-malware
malware

Hackers abuse LinkedIn DMs to plant malware

25 Feb 2019
Visit/antivirus/28144/best-antivirus
antivirus

Best antivirus for Windows 10

3 Sep 2019
Visit/security/malware/28083/the-five-best-free-malware-removal-tools
Security

Best free malware removal tools 2019

8 Mar 2019

Most Popular

Visit/business-strategy/digital-transformation/354201/boston-dynamics-dog-like-robots-sniff-out-bombs-for
digital transformation

Boston Dynamics dog-like robots sniff out bombs for Massachusetts police

26 Nov 2019
Visit/business-strategy/mergers-and-acquisitions/354191/xerox-threatens-hostile-takeover-after-hp-rebuffs
mergers and acquisitions

Xerox threatens hostile takeover after HP rebuffs $30bn takeover

22 Nov 2019
Visit/security/data-breaches/354192/t-mobile-data-breach-affects-more-than-a-million-users
data breaches

T-Mobile data breach affects more than a million users

25 Nov 2019
Visit/mobile/google-android/354189/samsung-galaxy-a90-5g-review-simply-the-best-value-5g-phone
Google Android

Samsung Galaxy A90 5G review: Simply the best value 5G phone

22 Nov 2019