Malware-squirting ads appear on websites with 100+ million visitors

Status
Not open for further replies.
S

sinu

Thread author
Security researchers at MalwareBytes this week discovered the crooks running another massive campaign of ads that use the Angler Exploit Kit to infiltrate Windows PCs via vulnerabilities in Adobe Flash and web browsers.
Prominent websites including the Drudge Report and Weather.com – a pair of sites whose total traffic alone amounts to nearly 200 million visits per month – were apparently inadvertently carrying the ads, putting millions of netizens at risk.
MalwareBytes said the network carrying the ads, AdSpirit, was notified, and it has since taken down the offending adverts. The campaign has now moved to AOL's ad network, with dodgy adverts appearing on eBay, we're told.
Like the attacks spotted last week on Yahoo! sites, the malicious ads silently load, through a chain of web redirects, script code that attempts to exploit software vulnerabilities in the visiting PC to install either an adware package or the CryptoWall ransomware.
As soon as the ad is loaded on the page, the attack is attempted without any click or interaction from the user. Disabling Flash or setting the plugin into "click-to-play" mode will slash the risk of attack. Keeping fully up-to-date with security patches will also help: the exploit kits tend to target old-day rather than zero-day vulnerabilities.
A similar malvertising attack from the CryptoWall gang was spotted in 2014, when Yahoo! was once again used to serve up the attack ads. Such operations do not involve infecting the ad networks themselves, but rather duping the networks into serving files that contain the exploit code.
"I think supporting free content is fine but not with the kind of risk it entails. People already hate ads, and we really didn’t need another incentive to block them," said MalwareBytes senior security researcher Jérôme Segura.
"The popularity of ad blockers may really force the ad industry’s hand to change how they go about advertising."
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top