Click-bait… virus?

On the weekend, I was seeing a lot of social media postings – “Click here to see what happens” and I thought to myself this is a great way to spread malicious code. So I did a little research into Click-bait-virus and realized that I was quite right in assuming this is a great attack vector. Sucuri wrote a great article on the subject June 2015 and their example has a malicious url via iframe.

A more recent well known click-bait is crashsafari(dot)com and it does in fact crash the Safari browser and in most cases Apple ios. It luckily doesn’t have a malicious code dropper. (Note: The javascript exploit also affects Chrome)

Well what does this mean – Social media is full of people, clicking on things they are not suppose to. Don’t click on links, especially click-bait ones.

For example this: stupid2