The malicious content is being spread through adverts on the website in a “malvertising attack” which is reportedly targeting UK users in particular. Match.com’s servers have not been breached.
The site’s users risk having their personal information stolen and malware installed on their devices, in a breach discovered by security firm Malwarebytes.
Cyber crooks are using shortened Google URLs, through a series of redirects that install ad fraud Trojans and infect victims’ systems with malware.
The security firm has alerted Match.com to the issue, but claimed the risk remains.
City A.M. has been in touch with a Match.com spokesperson, who said:
We take the security of our members very seriously. Earlier today we took the precautionary measure of temporarily suspending advertising on our UK site whilst we investigated a potential malware issue. Our security experts were able to identify and isolate the affected adverts, this does not represent a breach of our site or our users’ data.To date we have not received any reports from our users that they have been affected by these adverts. Nonetheless, we advise all users to protect themselves from this type of cyber-threat by updating their antivirus / anti malware software.