A New Malware Targets People Who Type Too Fast


Hackers are waiting for you to make a typo. 

If you've ever mistakenly typed ".om" instead of ".com," beware: Hackers are serving up malware to web users who mistype web addresses, according to a report from the research team at security firm Endgame.

The exploit is fairly simple: Buy up domains that are similar to popular ones, then load them with malvertising and threatening messages in order to get victims to download malware. Examples of the assault, known as typosquatting, include netflic.com and netflixc.om. The latter example, using .om, is the target of this latest rash of attacks. 


One of Endgame's researchers navigated to Netflix to check out the latest episodes of House of Cards. However, he accidentally typed in "netflix.om," rather than the official .com domain, and was redirected to a series of pages full of sketchy pop-up ads, and eventually a malware-infested site, which prompted him to download a Flash Player update he did not need. The experience led him to look deeper into whether other .om domains hosted similar attacks. 

He and his colleagues discovered that more than 300 suspicious domains using the names of major companies were registered and running similar schemes. Such domains include walgreens.om, bankofamerica.om, reddit.om, linkedin.om, facebook.om — and the list goes on.


The attack is expanding quickly. February saw a spike in .om domain registrations, according to Endgame. Further, the attack method appears to be successful. "There are at least thousands of queries per day to the malicious .om domains from different recursive DNS resolvers across the world," the report notes. 

According to the researchers, the overall goal of these attacks is to serve users as much advertising as possible and to keep nervous users clicking in order to collect revenue from ad platforms. If you accidentally land on a page that exhibits lots of pop-up ads, redirection to other sites or instructions to download a file, don't click on anything within the website. The best solution is to simply retype the appropriate link into your browser's address bar.

Endgame also advises companies to enhance their strategies for defending against typosquatting in order to prevent these kinds of attacks from cropping up.
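
One way a company could watch for this in its own DNS resolver logs, as an added example that is not from the article or from Endgame's report: the sketch flags queries matching the patterns named above (brand.om, brandc.om, and one-character typos such as netflic.com). The protected list, the log line format and the sample log lines are constructed assumptions.

```python
# Added example: flag resolver-log queries that look like typos of protected domains.
# PROTECTED and the log format are assumptions; the log lines are constructed.
PROTECTED = ["netflix.com", "bankofamerica.com"]  # assumed to be .com domains

SAMPLE_LOG = """\
2016-03-14T09:01:02Z 192.0.2.10 netflix.com. A
2016-03-14T09:01:07Z 192.0.2.11 www.netflix.om. A
2016-03-14T09:02:15Z 192.0.2.12 netflixc.om. A
2016-03-14T09:03:40Z 192.0.2.10 netflic.com. A
2016-03-14T09:04:01Z 192.0.2.13 bankofamerica.om. AAAA
2016-03-14T09:05:22Z 192.0.2.14 example.om. A
"""

def one_edit_apart(a, b):
    """True if a and b differ by exactly one substitution, insertion or deletion."""
    if a == b or abs(len(a) - len(b)) > 1:
        return False
    if len(a) > len(b):
        a, b = b, a                      # make a the shorter (or equal) string
    i = 0
    while i < len(a) and a[i] == b[i]:
        i += 1                           # skip the common prefix
    if len(a) == len(b):
        return a[i + 1:] == b[i + 1:]    # one substituted character
    return a[i:] == b[i + 1:]            # one extra character in b

def classify(qname, protected=PROTECTED):
    labels = qname.lower().rstrip(".").split(".")
    if len(labels) < 2:
        return None
    sld, tld = labels[-2], labels[-1]    # naive registered domain: last two labels
    for domain in protected:
        name = domain[:-len(".com")]
        if tld == "om" and sld == name:
            return (domain, "missing-c TLD (.om)")
        if tld == "om" and sld == name + "c":
            return (domain, "misplaced dot (c.om)")
        if tld == "com" and one_edit_apart(sld, name):
            return (domain, "one-character typo")
    return None

def scan(log_text):
    hits = []
    for line in log_text.splitlines():
        _ts, client, qname, _qtype = line.split()
        verdict = classify(qname)
        if verdict:
            hits.append((client, qname.rstrip("."), *verdict))
    return hits
```

Calling `scan(SAMPLE_LOG)` returns one tuple per suspicious query (client, queried name, protected domain, pattern). Short brand names will produce false positives on the one-character check, so treat hits as leads to review rather than as blocks.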


Ruth Reader

Ruth is a senior staff writer covering innovative technology and the people behind it. Send through pitches and tips to ruth@mic.com.
