Independence Day hackers from Ukraine strike at US holiday websites

A group of hackers from Ukraine has unleashed a malware scam across numerous US travel websites to coincide with Independence Day.

Security firm Proofpoint reported that it has seen numerous victims affected by the malware, which was smuggled onto popular travel destination websites for US cities including Boston, Houston and Salt Lake City.

Victims are either lured to the sites through phishing emails with links, or reach the sites legitimately during a web search. When someone visits an infected page, the exploit kit is installed and then secretly downloads additional malware to the user’s machine.

The malware appears particularly sophisticated, as it is able to bypass all but four of 51 antivirus products used on the VirusTotal website, the firm said. Proofpoint added that it believes the command-and-control infrastructure for the malware is based in Ukraine.

Mike Horn, vice president of threat and response products at Proofpoint, said it was clear the crooks had carefully timed their attack to coincide with the 4 July celebrations for maximum effect.

“Since the attack started on July 3rd, and some of the web pages are promoting 4th of July activities, this attack appears to have been carefully timed to coincide with the US holiday season,” he said. “It’s likely that the websites have been compromised for some time, but the attackers were carefully planning their attack for maximum impact.”

Horn said firms must ensure their websites have adequate protection in place to stop themselves falling victim to these types of attack.

“This is a good example of how poorly protected websites play a big role in the distribution of malware. Users might be directed to these sites by a search engine and they have no idea that just by visiting the site they can become infected.”

