KickAssTorrents compromised to serve fake anti-virus Security Sphere 2012

[Jack]

After infecting speedtest.net , it's time for another highly ranked site to get compromised into serving the malicious Security Sphere 2012.
The attack was instrumented through malicious advertisements pushed onto the website via a compromised OpenX server. Webmasters deploy such servers to sell ad space directly instead of using standard advertising networks like Google's or Microsoft's.

Yesterday our HackAlert website malware monitoring service told us that KickAssTorrents (kat.ph), ranked 321 globally on Alexa with more than 1.5 million unique visitors per month, is serving malware to all of its visitors via malvertising. Below is a video showing how visitors are infected

Read more

 

[imsoadude]

Wow, i stoped downloading torrents a while back but i used that website when i did. i could have been infected with this

 

[win7holic]

if all website like this. i'll turn off my connection for a while then go to internet shop, try many website, which i always go to there.
or, try on VM first.

thanks for share jack.

 

[MetalShaun]

Great video you found there Jack, very interesting indeed.

 

[AyeAyeCaptain]

FF + ABp + No Script keeps it at bay, as visit the site quite often, other day in fact was last and nothing come about due to the blocks. Just goes to show how this is been more widespread though, lot's of high profile sites getting caught in the trap and in turn dishing out nasty stuff to users (some of which will fall for this and pay these ppl).

 

[MrXidus]

I'm curious to why he uses Windows XP. I look at it differently now that Windows 7 takes the market in users.

 

[jamescv7]

So even safe sites you visited regularly could compromise so a precautionary measure must needed. Its like this compromised might also widespread to other famous sites (hopefully not) if isn't take the action immediately.

 

[Jack]

I'm curious to why he uses Windows XP. I look at it differently now that Windows 7 takes the market in users.

Looks like this attack is using an exploit kit in order to infect the users....and it seems that it isn't a zero day exploit so if you have Windows 7 and all the other programs like Java and browser up-to-datea this attack won't be successful.

 

[jamescv7]

Also Windows XP have a greatest number of vulnerabilities and least effective security built in.

 

[AyeAyeCaptain]

Also Windows XP have a greatest number of vulnerabilities and least effective security built in.

Won't stop people from still saying "Long Live XP", they just don't wanna move on even though it's very viable now. Sure the RAM usage is not as light as XP but RAM is cheap and plenty of it comes with stock machines now.