Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

Need Someone to Root Against During the World Cup? Try Malware Pushers

World Cup 2014 kicks off Thursday and, like most major sports events, employees will be spending the next month browsing websites to read tournament news, check the latest scores and watch live streaming games.

Sports-related websites receive large amounts of traffic during closely followed and hugely popular events, such as the World Cup, thus creating a prime opportunity for advertisers to post campaign banners and earn big paydays.

However, as Trustwave researchers recently discovered, advertisers are not the only ones cashing in. Unbeknownst to fans, criminals recently planted malware in an advertisement on a popular sports-focused Brazilian website, which has since been cleaned of the infection. If fans were using a vulnerable version of Adobe Flash, simply by visiting the site, the ad planted malware on their machines, giving criminals full access to victims' valuable information.

Our researchers discovered this latest "malvertisement" campaign when we saw it being blocked by our Trustwave Secure Web Gateway product. The anti-malware technology is designed to detect and filter out malware in real time to help protect users from blended threats, data loss and zero-day vulnerabilities - in turn, allowing them to use web and cloud applications securely.

This is far from the only malware-related ploy we'll see during the World Cup. But let it serve as a reminder to fans and users in general that best security practices always must be top of mind.

The latest attacks also should serve as a warning sign for businesses whose employees may be taking breaks throughout the day to get the latest World Cup updates. Security awareness education is paramount to encourage and train workers to be on the lookout for dangers that lurk on the web.

But all the training in the world - such as being taught not to click on suspicious links - wouldn't have helped in this case because the malware spread simply by a user with a vulnerable machine visiting a site hosting a poisoned ad. That is why we also recommend organizations take the following steps:

 

Anti-malware technologies are critical

Businesses should have anti-malware technologies in place, such as gateways, that can detect and filter out malware in real time. That way, if an employee does visit a site, for example, that contains a malicious ad, the technology will strip out the malware before the page even gets rendered.

 

Keep software up to date

Users should make sure they keep all of their software updated with the latest patches. In the case of the Brazilian sports site, if the latest patch for Adobe Flash had been installed, the exploit would have failed. As revealed in our 2014 Trustwave Global Security Report, 85 percent of exploits detected were of third-party plug-ins, including Java, Adobe Flash and Acrobat Reader. Thus, it's critically important to ensure a process is in place to get this type of software patched as quickly as possible.

 

A recent Trustwave-sponsored Osterman Research survey of security professionals showed that malware has infiltrated 74 percent of organizations through the web during the past year. Large sporting events present a lucrative opportunity for these kinds of attacks. Don't let your business be the next victim.

Latest Trustwave Blogs

Mining Operations: Critical Cybersecurity Threats & Trends Revealed

Cybersecurity professionals often point out that threat actors do not differentiate when choosing a victim. To an attacker, a hospital is as useful a target as a law firm or even a mining operation....

Read More

Phishing: The Grade A Threat to the Education Sector

Phishing is the most common method for an attacker to gain an initial foothold in an educational organization, according to the just released Trustwave SpiderLabs report 2024 Education Threat...

Read More

Unlocking Cyber Resilience: UK’s NCSC Drafts Code of Practice to Elevate Cybersecurity Governance in UK Businesses

In late January, the UK’s National Cyber Security Centre (NCSC) issued the draft of its Code of Practice on Cybersecurity Governance. The document's goal is to raise the profile of cyber issues with...

Read More