Trustwave Blog

Need Someone to Root Against During the World Cup? Try Malware Pushers

Written by Abby Ross | Jun 12, 2014

World Cup 2014 kicks off Thursday and, like most major sports events, employees will be spending the next month browsing websites to read tournament news, check the latest scores and watch live streaming games.

Sports-related websites receive large amounts of traffic during closely followed and hugely popular events, such as the World Cup, thus creating a prime opportunity for advertisers to post campaign banners and earn big paydays.

However, as Trustwave researchers recently discovered, advertisers are not the only ones cashing in. Unbeknownst to fans, criminals recently planted malware in an advertisement on a popular sports-focused Brazilian website, which has since been cleaned of the infection. If fans were using a vulnerable version of Adobe Flash, simply by visiting the site, the ad planted malware on their machines, giving criminals full access to victims' valuable information.

Our researchers discovered this latest "malvertisement" campaign when we saw it being blocked by our Trustwave Secure Web Gateway product. The anti-malware technology is designed to detect and filter out malware in real time to help protect users from blended threats, data loss and zero-day vulnerabilities - in turn, allowing them to use web and cloud applications securely.

This is far from the only malware-related ploy we'll see during the World Cup. But let it serve as a reminder to fans and users in general that best security practices always must be top of mind.

The latest attacks also should serve as a warning sign for businesses whose employees may be taking breaks throughout the day to get the latest World Cup updates. Security awareness education is paramount to encourage and train workers to be on the lookout for dangers that lurk on the web.

But all the training in the world - such as being taught not to click on suspicious links - wouldn't have helped in this case because the malware spread simply by a user with a vulnerable machine visiting a site hosting a poisoned ad. That is why we also recommend organizations take the following steps:

 

Anti-malware technologies are critical

Businesses should have anti-malware technologies in place, such as gateways, that can detect and filter out malware in real time. That way, if an employee does visit a site, for example, that contains a malicious ad, the technology will strip out the malware before the page even gets rendered.

 

Keep software up to date

Users should make sure they keep all of their software updated with the latest patches. In the case of the Brazilian sports site, if the latest patch for Adobe Flash had been installed, the exploit would have failed. As revealed in our 2014 Trustwave Global Security Report, 85 percent of exploits detected were of third-party plug-ins, including Java, Adobe Flash and Acrobat Reader. Thus, it's critically important to ensure a process is in place to get this type of software patched as quickly as possible.

 

A recent Trustwave-sponsored Osterman Research survey of security professionals showed that malware has infiltrated 74 percent of organizations through the web during the past year. Large sporting events present a lucrative opportunity for these kinds of attacks. Don't let your business be the next victim.