One of the biggest websites in the UK is fueled by criminal activity

A malware campaign is behind the meteoric growth of one of the biggest websites in the UK, research has suggested. Bitcoinnewstoday(dot)me is already labelled as a "dangerous website" by most search engines and trying to access it will bring up a bright red page on most.

Users of Microsoft Edge, for example, will see a warning that, "Microsoft recommends you don't continue to this site. It has been reported to Microsoft for containing misleading content that could lead you to lose personal info, financial data, and even money."

Yet, according to website analytics company Similarweb, the site experienced a massive growth globally in May 2020, growing by a staggering 320x to reach 23rd place in its UK readership leaderboard.

With almost 76 million monthly visits (and 51 million unique visitors) during the month, it is bigger than far more prominent websites like Paypal, Argos or Linkedin. A closer analysis of the site reveals that it has a global rank of 784 and nearly 96% of the visits occurred via mobile.

Worryingly, most apparently spent more than 40 minutes on the page visiting on average 1.37 pages. In other words, most visitors were stuck on page one for a long, very long time.

Malware

In a statement to TechRadar Pro, a spokesperson for Avira Protection Lab told us that the site could be what security expert call a "rotator". These forward unwitting visitors to a random advertisement, and more recently, pages that cover fake crypto-exchanges (aka a bitcoin scam).

The page appears to be part of a wider network, with the domain name registered in November 2019 in Russia using dummy data. The site has been active since December 2019, with traffic disappearing in April 2020 and surging back in May.

Fake registrant data was used, which is often a common tactic for malware, phishing or scam domains. The web hosting of the site is likely to be located in Germany.

Avira added: "Refer selection is done via geo-location, so you get a different page if you are in the UK compared to France. They have partner pages for pretty much all European countries such as the UK, Germany/Austria/Switzerland, Spain, France, Sweden, Romania and even smaller ones such as Lithuania. They don't seem to have pages for anything outside Europe, e.g. connecting with a Russian or Japanese IP just forwards you to e.g. the UK pages, while trying to connect with an US IP results in a forward to google.com. Funnily enough, Italian IPs also get redirected to google.com"

"Sadly there are dozens of these out there, and often they don't exist very long especially if they are getting flagged."

How It works

Search Crack for

Latest IT News

Jul 14
Adobe has knocked 25% off the price of a Creative Cloud subscription, giving you full access to all its creative apps.
Jul 14
Apple appears to be on the lookout for developers to create a new media app for Windows 10. Let's hope it's better than iTunes.
Jul 14
How to set up a virtual background in Cisco Webex as it finally catches up to Zoom and Google Meet.
Jul 13
You'll soon be able to control media playing in a different tab using handy pop-out controls.
Jul 12
Is the obvious answer still the correct one, and are you very foolish to go without antivirus?
Jul 11
Get a massive discount on the full range of Bitdefender's software - this antivirus deal is hard to ignore right now.
Jul 10
Uninstalling Microsoft's cloud storage app is therefore a workaround - but should you really go down that route?

Latest cracks