The Latest in IT Security

Fake-Java Malvertising


There's a rather large malvertising-driven attack running at the moment, that's attempting to trick people into installing or upgrading a fake version of Java. It looks pretty believable, if you disregard the domain name ( having no obvious linguistic connection to "Java"):

screenshot of fake java site

(The fine print at the bottom, if you're having trouble reading it, says "This website has no affiliation whatsoever with the owner of these software programs, and provides only links to the software programs. This software may be obtained freely.")

Most of the traffic is coming through, but I counted at least a dozen different ad sites as referrers in the logs yesterday.

The fake Java setup program hadn't been seen by VirusTotal last night when I checked it, but it scored 9 hits, mostly as some variation of "Solimba". (It had 11 hits when I re-checked it just now.)

This attack, then, involves adware being spread via malvertising, which makes for a nicely symmetric "circle of life"…

And, given that Java is the most common attack point that exploit kits go after these days, the irony of this attack is pretty thick. Arguably, a computer user who installs this junk, thinking it's the real Java, could still be considered as more secure than someone who has the real thing installed. Ouch.



Leave a reply


TUESDAY, JUNE 18, 2024

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments