Attackers managed to compromise the popular video sharing website dailymotion and redirected visitors to malicious web page that installs malware in victim's machine.
On June 28, Symantec researchers identified an iframe in Dailymotion.com which sends users to different website hosting Sweet Orange Exploit kit.
Sweet Orange Exploit Kit is a malware toolkit used by attackers to infect victim's machine with malware by exploiting software vulnerabilities on their machine.
The vulnerabilities that Sweet Orange attempts to exploit are : Java Vulnerability(CVE-2013-2460), Adobe Flash Player vulnerability(CVE-2014-0515), Internet Explorer Vulnerability(CVE-2013-2551).
If the user's machine is vulnerable, then Trojan.Adclicker was downloaded onto the victim’s computer.
"This malware forces the compromised computer to artificially generate traffic to pay-per-click Web advertisements in order to generate revenue for the attackers" the symantec researchers said.
