Popular video sharing site, Daily Motion has been compromised and all the users have been redirected to the malicious page, Symantec reports. The reports stats that, hackers have hacked the Daily Motion site and put the iframe tag on the code of site, which redirects users to the malicious page containing Sweet Orange Exploit Kit.
What is Sweet Orange Exploit Kit.
Sweet Orange Exploit Kit is a malware toolkit which exploit the vulnerabilities in Java, Internet Explorer and Adobe flash player, on the users machine. If the System get successfully exploited, a pay-per-click malware was downloaded on the victim computer. After that Malware starts generating fake traffic for pay-per-click site.
It is being predicted that, attacker targeting the large numbers of users, and Daily Motion have much amount of users traffic, as the site's Alexa rank is under 100. And as attackers have used the Sweet Orange Exploit Kit, which gives the huge amounts of traffic to its pay-per-click site.
Symantec also point out the vulnerabilities that Sweet Orange Exploit Kit exploits, which are follows-
What is Sweet Orange Exploit Kit.
Sweet Orange Exploit Kit is a malware toolkit which exploit the vulnerabilities in Java, Internet Explorer and Adobe flash player, on the users machine. If the System get successfully exploited, a pay-per-click malware was downloaded on the victim computer. After that Malware starts generating fake traffic for pay-per-click site.
Symantec also point out the vulnerabilities that Sweet Orange Exploit Kit exploits, which are follows-
- Microsoft Internet Explorer Use-After-Free Remote Code Execution Vulnerability (CVE-2013-2551)
- Adobe Flash Player Buffer Overflow Vulnerability (CVE-2014-0515)
- Oracle Java SE Remote Java Runtime Environment Vulnerability (CVE-2013-2460)
What to DO?
Symantec probes that team is watching the malware activity since 2013, and they also mentioned that, if the users have update antivirus application, then it can easily detect the Trojan, and users are advised to keep update their antivirus application upto date.