Saltar al contenido

Fake Copy of Photobucket infecting with Java

Fake Copy of Photobucket infecting with Java

Photobucket.com is a well-known portal that is used to host photos and videos on the Internet, well, in the following screenshot you can see a fraudulent page called The Photobucket which takes advantage of the popularity of the legitimate site to infect:

The deception was discovered a few days ago by researcher Jerome Segura and in his new blog SparkTrust he has published all the details. Currently the false page is not operational, what it was doing was showing by means of a iframe the actual Photobucket site and upload a Malicious Java applet downloading a Trojan.

Searching the browsers cache, I discovered that the domain was also used to perform a similar trick with another image site called ImageSticky. In this case it seems that the applet was pretending to be an image gallery:

As we see, it is an attack that can deceive anyone who mistakenly enters the wrong site and, as I said yesterday, if a Java vulnerability is exploited and it is not updated, the computer could automatically infect itself.

See also: BlackHat SEO + Java vulnerable = hidden Trojan download Builder of false pages to infect with Java.