Hi Guys,

I hope you are well.

Please be aware that there is a new malware campaign spreading around the world that is primarily targeting adult website content consumers. The malware is called ZLoader and while it was originally made to be a banking Trojan the developers behind the new version have modified it so that to can now steal information from a compromised system as well as having the ability in some cases to turn on the users webcam.

Here is how it works:

  • The cyber criminals trick you into going to a decoy page filled with adult images purporting to be movies. This page will look exactly like the real thing so many people will be tricked
  • When you select a movie the deceptive imagine would open in a new window and you are presented with a pixelated view of a video and a few seconds of audio to make it look real.
  • After a few seconds you will see an overlay message telling you that Java Plug-in needs to be installed for the video to play correctly.
  • When you install this Java Plug-in it is game over. Your device is infected with Malware. It is that simple.

Here is how to protect yourself

  • Never go to any website that you do not trust. Check the address bar to make sure you are not on a decoy page and also check the padlock at the start of the address bar to make sure that the site is running SSL encryption.
  • Never download or stream movie or games from torrent sites.
  • When playing a movie or a video clip on a website never install a Java Plug-in. This is a massive red flag. Installing Java Plug-in’s is an old trick from years ago when it was common for media data streams to be encoded with various codecs and without them the media could not be played. We generally don’t need Java Plug-in’s anymore so if you are prompted to install one it is a serious sign of attack.

At the moment it looks like the campaign is only targeting high traffic adult websites but it could be used just as easily on any video streaming or download website so please exercise caution on all websites.

Let me know if you need anything at all and please feel free to share this message using one of the sharing links above.

Thanks and best regards,

Max Roberts,
Incognito Privacy Care Team