Visitors to the website of two US TV stations were unwittingly subjected to malvertising attacks that could have infected their PCs with dangerous malware and could affect other sites hosted with hosting provider GoDaddy.
Malwarebytes detected that two CBS-affiliated stations using GoDaddy website accounts were compromised in the attack, which was caused by the well-known Angler exploit kit.
And the security firm has now warned that many other GoDaddy users could also be at risk from having their accounts hijacked due to weak passwords.
These subdomains, which hosted the advertising content, were able to switch between a ‘clean’ version of the site and an infected version where users visiting the site were shown malicious ads.
A ‘rogue advertiser’ is suspected as being the culprit, Malwarebytes says, having subverted the Taggify self-serve ad platform to put unsuspecting viewers at risk.
The company has warned that under-strength passwords could pose a risk to many other users too.
“GoDaddy is one of the world’s largest registrars and, as such, it will experience many attacks against its platform across the globe”, Malwarebytes’ Jérôme Segura told TechWeekEurope.
“However, the weakness comes from website owners who have chosen poor passwords or have had their machines compromised.
“Trojans will harvest passwords stored in FTP clients or other software used to administer a site. Without the owner’s knowledge, attackers now possess the credentials to alter a site’s settings allowing them to make DNS changes, add subdomains, and so on.”
GoDaddy has been hit by major attacks before, most notably in 2012, when hackers affiliated to Anonymous took down the company’s entire operation, meaning millions of customers were left without access for several hours.
Malvertising has also become a growing threat in the online security space as hackers look for ever more ways to attack unsuspecting users, with previous Malwarebytes research finding that the UK is the world’s third-largest market for malvertising infections, behind only the US and Canada.
In March, major online publishers including the BBC, AOL and MSN were hit by an attack that installed potentially harmful adverts that could install ransomware or other malware on unsuspecting users’ devices if clicked on.
TechWeekEurope has contacted GoDaddy.
What do you know about Internet security? Find out with our quiz!
Troubled battery maker Northvolt reportedly considers Chapter 11 bankruptcy protection in the United States as…
Microsoft's cloud business practices are reportedly facing a potential anti-competitive investigation by the FTC
Ilya Lichtenstein sentenced to five years in prison for hacking into a virtual currency exchange…
Target for Elon Musk's lawsuit, hate speech watchdog CCDH, announces its decision to quit X…
Antitrust penalty. European Commission fines Meta a hefty €798m ($843m) for tying Facebook Marketplace to…
Elon Musk continues to provoke the ire of various leaders around the world with his…