Malicious Web Direct Service Infects 16,500 Sites To Spread Malware

Share post:

Avast researchers have uncovered the activities of a new traffic direction system (TDS) called Parrot. Parrot, just like other TDS tools, is used to redirect victims to online resources and websites with malware.

According to the researchers, Parrot TDS is used for a campaign called FakeUpdate. FakeUpdate delivers remote access trojans (RATs) via fake browser update notifications.

While the campaign began in February 2022, Parrot activity began as early as October 2022, according to the researchers.

“One of the main things that distinguish Parrot TDS from other TDS is how widespread it is and how many potential victims it has. The compromised websites we found appear to have nothing in common, apart from servers hosting poorly secured CMS sites, like WordPress sites,” Avast’s report stated.

Most of the users affected by these malicious redirections were in Brazil, India, the United States, Singapore and Indonesia.

Admins with compromised web servers can remedy this by following Avast security tips. This includes scanning all files on the web server with an antivirus, replacing all JavaScript and PHP files on the web server with original files, and using the latest CMS version and plugins.

Other tips include checking for automatically running tasks, using unique and strong credentials for all services, and using some of the available security plugins for WordPress and Joomla.

The sources for this piece include an article in BleepingComputer.

SUBSCRIBE NOW

Related articles

Cyber Security Today, May 29, 2024 – A new North Korean ransomware gang spotted, and more

A new North Korean ransomware gang spotted, and more Welcome to Cyber Security Today. It's Wednesday, May 29th, 2024....

Microsoft tries to regain trust of government cybersecurity leadership

Microsoft has embarked on an aggressive campaign to restore and enhance its cybersecurity image and regain trust within...

London Drugs refuses to pay ransom – corporate data is leaked

London Drugs, a prominent Canadian retailer, has confirmed a data breach involving sensitive corporate head office files, following...

Cyber Security Today, May 27, 2024 – Security controversy over a new Microsoft tool, a new open source threat intelligence service, and more

Security controversy over a new Microsoft tool, a new open-source threat intelligence service, and more. Welcome to Cyber Security...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways