September 4th, 2015, 21:15 PM
Match.Com Users Hit By Malvertising Attack
Another leading dating site has revealed it has been hit by a major data breach which could be revealing the personal details of its users.
Match.com, one of the world’s leading dating sites, was hit by a malvertising attack that, when installed, could steal personal information, send spam emails and operate silently without their consent.
The site has around 27.3 million users worldwide every month, around 7 percent of which come from the UK, TechWorld reported.
According to security firm Malwarebytes, the attack was carried out by the same group that hit fellow dating site PlentyOfFish last month, which is also owned by the Match Group, Match.com’s parent company.
The attack was carried out by criminals using Google shortened URLs leading to the Angler exploit kit, which when clicked on, installs malware onto a user’s system. Angler is already known to serve several particularly nasty forms of malware, including the Bedep ad fraud Trojan as well as CryptoWall ransomware.
Malwarebytes says it has alerted Match.com and the related advertisers but the malvertising campaign is still ongoing via other routes.
“We take the security of our members very seriously indeed,” a Match.com spokesperson said. “We are currently investigating this alleged issue.”