Anti-virus vendor Malwarebytes has alerted consumers to a website it claims is delivering malware to computers.
The website, named Malwarebiter, was discovered earlier this week by Malwarebytes analyst Adam Kujawa.
Malwarebytes has accused Malwarebiter of copying its own website's styling to give it a veneer of credibility.
The company also accuses the alleged imposter of using spam or other underhand means to boost its Facebook following to increase its apparent legitimacy.
However, what has concerned the organisation most is that the website is apparently carrying out drive-by' attacks on users who do not even download the product.
"Traffic analysis from our visit revealed roe.js', a file containing javascript," Joshua Cannell, malware intelligence analyst at Malwarebytes said in a blog post.
"Upon further inspection the file revealed an embedded iFrame object that links to a rogue IP hosting the Blackhole Exploit Kit.
"iFrames allow web developers to embed the contents of one webpage within another [and] using iFrames for drive-by malware attacks is common since they can be crafted invisible to the naked eye," Cannell explained.
The roe.js file then executes either a java or a PDF exploit, resulting in the infamous Zeus Trojan being downloaded onto the visitor's PC, roping it in to one of the internet's most notorious botnets.
Anyone who installs Malwarebiter's anti-malware programme will find it does not detect the newly installed Zeus malware. Instead, they may be directed to a second website, Ad-purge, which is a known fake spyware reporter.
In turn, both websites are linked to a third, Rebrand Software, which creates software products for private buyers who then sell it on as their own.
Furthermore, Malwarebytes claims numerous other pieces of malware have been discovered contacting the Rebrand Software domain.
Cannell said it is "vital" for PC users to protect themselves from software exploitation.
"The Java and PDF exploits found on Malwarebiter's website could be prevented by keeping your software patched and up to date.
"However, this does not always solve the problem as both java and PDF viewers are highly targeted for exploitation, with new vulnerabilities discovered every day.
"In light of this, users might want to stop using java altogether. As for protection from malicious PDFs ... users might be better off viewing [them] in secure browsers, like Google Chrome," advised Cannell.
-
Seized database helps Europol snare botnet customers in ‘Operation Endgame’ follow-up stingNews Europol has detained several people believed to be involved in a botnet operation as part of a follow-up to a major takedown last year.
-
Horabot campaign targeted businesses for more than two years before finally being discoveredNews The newly-discovered Horabot botnet has attacked companies in the accounting, investment, and construction sectors in particular
-
Brand-new Emotet campaign socially engineers its way from detectionNews This latest resurgence follows a three-month hiatus and tricks users into re-enabling dangerous VBA macros
-
Microsoft says “it’s just too difficult” to effectively disrupt ransomwareNews The company details its new approach to combatting cyber crime as the underground industry drains $6 trillion from the global economy
-
Beating the bad bots: Six ways to identify and block spam trafficIn-depth Not all traffic is good. Learn how to prevent bad bots from overrunning your website
-
Ukraine's vigilante IT army now has a DDoS bot to automate attacks against RussiaNews The 270,000-strong IT Army of Ukraine will now combine supporters' cloud infrastructure to strengthen the daily attacks against their invaders
-
Microsoft's secure VBA macro rules already being bypassed by hackersNews Recent analysis of Emotet activity has revealed a shift away from malicious Office documents to drop malware
-
Emotet infrastructure has almost doubled since resurgence was confirmed
News Researchers confirm the infrastructure has also been upgraded for a "better secured", more resilient operation
