
Did You Know?


CryptoWall! crooks! 'turn! to! Yahoo! ads! to! spread! ransomware!'

Purple Palace not directly involved but maybe it should chat to these infosec bods

By John Leyden,


Crooks are using Yahoo!'s advertising network to infect PCs with the CryptoWall ransomware, it's claimed.

Windows software nasty CryptoWall encrypts a victim's files using an OpenSSL-generated key pair before demanding a ransom to decrypt the data. It communicates with its masters using RC4-encrypted messages to command servers hidden in the Tor network, we're told.


It was initially spread by spamming email inboxes with "incoming fax" scans or links to files held in cloud storage that were booby-trapped with malicious code.

The malware then evolved to use poisoned web advertisements – or malvertising – to spread across the internet.

Typically, when someone clicks on an ad, the site displaying the advert, and the advertising network serving it, take a small fee for referring the visitor to the advertiser's website. It appears CryptoWall victims are lured into clicking on adverts, which refer the browser along a chain of websites until it reaches a server that exploits a vulnerability to infect the computer.


Full Article

Community Expert Advisor


Re: CryptoWall! crooks! 'turn! to! Yahoo! ads! to! spread! ransomware!'

Pretty soon it's not going to be safe to go on Facebook. Hackers are really focusing on this social media and we're getting bit.

Community Leader