As if trying to find romance wasn’t difficult enough, lately some online dating aficionados have had to contend with yet another challenge: malware.
The latest online dating site to be targeted by so-called “malvertising” attacks is the U.K. version of the popular Match.com (see Why Malvertising Attacks Won’t Stop).
In a Sept. 3 blog post, Jérôme Segura, a senior security researcher with security firm Malwarebytes, warned that Match.com’s advertising channel was being used to host the Angler Exploit Kit, a crimeware toolkit designed to exploit PCs by targeting unpatched flaws on those systems (see Hacking Team Zero-Day Attack Hits Flash). Segura said that he had alerted Match.com to the attacks.
The malvertising attack launched via Match.com follows a similar attack launched in August via another U.K. dating site, Plenty of Fish, which reportedly sees visits from 3 million users per day and claims to be the world’s largest dating website and app. Match.com bought Plenty of Fish in July, and Segura says the two malvertising attacks appear to have been launched by the same group of attackers using many of the same techniques.
“This latest malvertising incident is the work of the same gang using Google shortened URLs leading to the Angler exploit kit,” he says. The Plenty of Fish malvertising attack, he adds, involved the otherwise legitimate ad.360yield.com network, and was serving the Tinba banking Trojan.