The Cuevana movie portal plug-in could steal passwords

Cave 03

Cuevana is a South American portal dedicated to viewing online content that is very popular due to the good quality of the videos it hosts . This website was very successful because most streaming video services do not offer good image quality. The closure of Megaupload was a hard blow because most movies and series were hosted on their servers, despite this Cuevana continues to work and little by little they have been moving the files to other servers so that it can continue to be watched without problems.

Cave 01

One of the peculiarities of Cuevana is that it plays the streaming videos directly on the page, it does not redirect us to another website such as AllMyVideos or PutLocker. For this to be possible it is necessary to download a plug-in for the browser, either Chrome or Firefox , or else the videos will not be playable. This apparently harmless plug-in has turned out to contain malicious code (phishing) that could steal the passwords of users who had it installed. The discovery was thanks to a user of the Forocoches forum while trying to access his Google account . Other plug-incalled Tamper Data detected that what the Cuevana plug-in does is send sensitive information (passwords) to the site // The stolen passwords correspond to sites like Facebook, Paypal and even bank websites like Santander . These types of malicious programs copy the information when we are filling in a form on a trusted site such as Facebook without us noticing any difference in the operation of the page. Of course, if you have installed the plug-in, it is best to remove it immediately andchange the passwords you use regularly.

Cave 02

The best of all has been what happened after uncovering the problem. The first thing that has happened is that the website has been removed and the owners of the server claim that they have not been. Furthermore, as if by magic, the malicious code has disappeared from the plug-in . According to the thread opened in Forocoches, the Cuevana team would have eliminated this part of the code and have uploaded the modified plug-in but keeping the same version. Apparently they thought that nobody was going to realize that they had modified the plug-in in an attempt to eliminate the possible evidence that incriminated them directly, something that logically has gone wrong.

Although at the moment the true scope of this problem is not known. They defend themselves by pretending that they have been victims of a computer attack. Those responsible for the portal are replying to users through their official Twitter account saying that they have not modified any of the code and denying any relationship with the website // . It seems that users are not believing these excuses and continue to blame Cuevana directly for the theft of passwords with hashtags like #CuevanaRoba.

Original text