Unfortunately there are no bounds where hackers are concerned. A recent attack left more than 500 websites and their visitors exposed to harmful malware, after an ad-blocking company was infiltrated for just 90 minutes.
In the attacks that were successful, a remote access tool called Nanocore was installed on the victims’ devices. Nanocore is a full-featured piece of malware that is capable of logging passwords, taking webcam snapshots and regularly reporting to a server under the control of attackers.
Fortunately, the malware was detected by F-Secure as well as other anti-virus software packages. It is also reported that a large percentage of connections to the attacker servers failed. Because Nanocore only runs on Windows, anyone visiting the sites on machines with different servers was immune to the attack.
Understandably, PageFair was mortified at their show of vulnerability and its potential impact on clients and users alike. The fact that the whole campaign began with a spear phishing email shows that all it takes is one person to make a simple mistake, which can then lead to all kinds of consequences.