In the wake of suicide reports following the Ashley Madison hack, another dating website has been subjected to a cyber attack. Visitors to Plenty of Fish (POF.com), which attracts three million daily visitors, were recently subjected to malvertising that installed malware.
Security firm Malwarebytes revealed that the attack was launched through a third-party advertising network, ad.360yield.com.
The malicious ad points to an exploit tool that takes advantage of known vulnerabilities in browsers and popular browser plug-ins like Flash Player, Java, Adobe Reader and Silverlight. The tool installs malware on users’ computers.
Malwarebytes points out that the attack does not mean that Plenty of Fish’s servers or systems have been compromised, but users’ computers may be infected.
Malware is designed to take advantage of vulnerabilities in websites and web applications. This means that the longer software is left unpatched, the longer cyber criminals have to exploit those vulnerabilities.
Users should keep software programs updated, especially browser plug-ins, in addition to running up-to-date antivirus solutions.
Malvertising and malware are real threats to data security. Cyber threats are becoming a threat to personal safety.