Perez Hilton malware strikes millions of users

Gossip site with 500,000 daily visitors serves up double order of malvertising

The website of celebrity gossip hound Perez Hilton has been serving malware to visitors, it has been revealed, with potentially millions of users affected.

The site was afflicted with malvertising, where adverts on a legitimate site are used to host malware. In this case, users clicking on the ads would have been redirected to the notorious Angler exploit kit, which detects vulnerabilities in Flash and Java and uses them to deploy other malware onto victims' PCs.

Advertisement - Article continues below

According to Nick Bilogorsky, senior director of threat intelligence at Cyphort, PerezHilton.com was used to host two malvertising campaigns.

The first was detected on 30 April, when unfortunate victims would have been redirected via the malicious advert to Angler, which typically deploys Bedep malware onto their computer. Bedep, in turn, downloads CryptXXX ransomware.

The second, which Cyphort researchers discovered on 6 May, used a different exploit kit, a different redirector, and used Amazon Cloudfront CDN to distribute the malware.

"Malvertising continues to be one of the preferred vectors for attackers to compromise users' machines with malware," said Bilogorsky. "Many users fought back by disabling all advertising to secure themselves. Nearly 200 Million now use Adblock, according to Statista. In 2015, this form of ad blocking cost publishers nearly $22 Billion dollars."

Advertisement
Advertisement - Article continues below

To help mitigate this, Bilogorsky said: "Advertising networks should use continuous monitoring - automated systems for repeated checking for malware ads, need to scan early and scan often, picking up changes in the advertising chains, and leverage the latest threat intelligence to power these monitoring systems."

Advertisement - Article continues below

In a post on Graham Cluley Security News, David Bisson advised: "At the very least, ordinary users should make a special point of implementing all software and security updates as soon as they become available. Doing so will not stop a malvertising campaign from redirecting them to a malicious website, but it could prevent an exploit kit like Angler from taking advantage of open software vulnerabilities on their computers."

Advertisement

Recommended

Visit/security/malware/355093/evasive-malware-threats-are-surging
malware

Evasive malware threats doubled in 2019

24 Mar 2020
Visit/security/malware/28083/the-five-best-free-malware-removal-tools
Security

Best free malware removal tools 2019

2 Mar 2020
Visit/antivirus/28144/best-antivirus
antivirus

Best antivirus for Windows 10

3 Sep 2019

Most Popular

Visit/mobile/mobile-phones/355239/microsofts-patent-design-reveals-a-mobile-device-with-a-third-screen
Mobile Phones

Microsoft patents a mobile device with a third screen

6 Apr 2020
Visit/development/application-programming-interface-api/355192/apple-buys-dark-sky-weather-app-and-leaves
application programming interface (API)

Apple buys Dark Sky weather app and leaves Android users in the cold

1 Apr 2020
Visit/software/video-conferencing/355229/zoom-we-moved-too-fast
video conferencing

Zoom CEO admits company "moved too fast" as privacy issues mount

6 Apr 2020