Match.Com Users Hit By Malvertising Attack

CyberCrimeSecurityVirus
match.com banner
2 46 No Comments

Around five million Match.com users could be at risk of malware infection, dating site warns

Another leading dating site has revealed it has been hit by a major data breach which could be revealing the personal details of its users.

Match.com, one of the world’s leading dating sites, was hit by a malvertising attack that, when installed, could steal personal information, send spam emails and operate silently without their consent.

The site has around 27.3 million users worldwide every month, around 7 percent of which come from the UK, TechWorld reported.

Love hurts

datingAccording to security firm Malwarebytes, the attack was carried out by the same group that hit fellow dating site PlentyOfFish last month, which is also owned by the Match Group, Match.com’s parent company.

The attack was carried out by criminals using Google shortened URLs leading to the Angler exploit kit, which when clicked on, installs malware onto a user’s system. Angler is already known to serve several particularly nasty forms of malware, including the Bedep ad fraud Trojan as well as CryptoWall ransomware.

Malwarebytes says it has alerted Match.com and the related advertisers but the malvertising campaign is still ongoing via other routes.

“We take the security of our members very seriously indeed,” a Match.com spokesperson said. “We are currently investigating this alleged issue.”

Last month, Malwarebytes found the advertising network used on PlentyOfFish was serving up fake ads that install malware on systems with out of date software like Internet Explorer or Adobe Flash.

Once clicked, an exploit kit searches for vulnerabilities and drops the malicious software onto the machine, with some of the ads even automatically installing malware if a PC that can be infected is detected.

“Malvertising is becoming a go-to method for fraudsters,” said David Kennerley, senior manager for Threat Research at cybersecurity firm Webroot. “Money is the primary motivation for attacks of this nature and often these malicious ads are for additional attacks.”

“Unfortunately simply keeping to trusted websites no longer means you’ll stay safe. The chaotic nature of the online advertising industry means that even popular legitimate websites have no visibility on the ad content displayed on their pages or its original source.”

“Users should keep their browsers fully patched, with appropriate in-built phishing and malware protection switched on. Browser add-ons should be kept up-to-date, with auto-play turned off or better yet, disable or remove these commonly exploited add-ons completely. Ad-blocking software is becoming a must and of course a strong endpoint protection product is essential.”

UPDATE: A spokesperson for match.com UK told TechWeekEurope:

“We take the security of our members very seriously. Earlier today we took the precautionary measure of temporarily suspending advertising on our UK site whilst we investigated a potential malware issue. Our security experts were able to identify and isolate the affected adverts, this does not represent a breach of our site or our users’ data.

“To date we have not received any reports from our users that they have been affected by these adverts. Nonetheless, we advise all users to protect themselves from this type of cyber-threat by updating their antivirus / anti malware software.”

What do you know about 2015’s biggest data breaches? Try our quiz!


Click to read the authors bio  Click to hide the authors bio