Advertising-driven malware campaigns, including links masquerading as Java downloads or updates, are doing the rounds in what seems to be a low-risk comical ploy by cyber deviants.
Chris Larsen, malware lab architect at Blue Coat Systems, says the campaign's malware is at the low end of the threat spectrum - typically adware or spyware - but warns computer users not to click on what he has dubbed "fake Java malvertising".
Larsen says "the bad guys" are using malvertising - online advertising that spreads malware - in what appears to be an attempt at black humour.
A user who installs the malware, he says, is essentially more secure than others with the real version of Java, Oracle's widely-installed free software that has been a subject of concern for PC security on more than one occasion recently.
"The malware isn't Java, so people who download it still wouldn't have Java on their system, and wouldn't be vulnerable to all the infections you can get if you do have Java installed."
Larsen notes that Java is the most common attack point that exploit kits go after these days, and says the irony of this attack "is pretty thick".
The malware component is generally flagged as potentially unwanted software, says Larsen, who suggests people steer clear of clicking on adverts for Java updates that originate from random .info sites - or, in the case of the latest strain of malvertising, downloadjava.us, securejavaupdate.com, upjavadownload.com, latestjavas.com, securejavadown.com, securejavas.com and securejavaup.com. "Real Java comes from java.com."
In the latter case, Larsen says interesting to note is that most of the names appear designed upon peoples' fears around the vulnerabilities that can be found in Java. "Who wouldn't want a secure version of Java? Sign me up."
Share