After would-be adulterers lose sleep about their details being uncovered in the Ashley Madison data breach, singles looking for love on Plenty of Fish could be infected by malware.
Security firm Malwarebytes has found the advertising network used on the site is dishing up fake ads that install malware on systems with out of date software like Internet Explorer or Adobe Flash.
If a dodgy link is clicked, an exploit kit searches for vulnerabilities and drops the malicious software onto the machine. Some ads can even automatically install malware if it detects a PC that can be infected. Malwarebytes believes the malware installed is Tinba, which is typically used to steal bank details.
Plenty of Fish malvertising
The company stresses that Plenty of Fish’s servers have not been breached, so user information is safe – unlike that of millions of Ashley Madison users.“Malvertising has been around for a while now and often is quite successful in its attack campaign because of the lack of interaction needed by the individual infected. It’s not reliant on unpatched servers or vulnerabilities nor the reputation of the affected site,” explained Mark James, security specialist at ESET. “It could be a high profile or an under the radar website and has the ability to spread through thousands of users before being found and stopped.
“After the massive media attention that Ashley Madison has attracted, it stands to reason that similar infiltrations will also attract the same sort of short term awareness. Along with the actual information retrieved from the site, there comes a level of public interest in similar attacks. It’s like buying a certain make of car and then always seeing that car as you drive around, there’s probably no increase in these particular industry specific targets only our awareness of current projects.”
TechWeekEurope has contacted Plenty of Fish to see whether the company has taken any action against the malvertising campaign, but had not received a response at the time of publication.
“[Plenty of Fish] need to ensure they are using a good ad server to manage their online advertising, vet the company and the provider to ensure it has a good reputation,” added James. “While also keeping the public informed of exactly what has and what is happening will help and offer some kind of credit monitoring service to anyone directly affected by the compromise. They should check their entire systems for any type of breach and continue to monitor it on a regular basis.”