To Customer Support To Customer Support

Millions menaced as ransomware-smuggling ads pollute top websites

  • 15 March 2016
  • 3 replies
  • 216 views
Jasper_The_Rasper
Rank
Userlevel 7
Badge +54

msn.com, nytimes.com, aol.com et al hit by malware-injecting banners

  15 Mar 2016 at 17:19, John Leyden Top-flight US online publishers are serving up adverts that attempt to install ransomware and other malware on victims' PCs.
Websites visited by millions of people daily – msn.com, nytimes.com, aol.com, nfl.com, theweathernetwork.com, thehill.com, zerohedge.com and more – are accidentally pushing out booby-trapped adverts via ad networks, warn infosec researchers.
 
The adverts are built from exploit kits, which as the name suggests, are toolkits of code that exploit security vulnerabilities in browsers and plugins to gain control of computers.
 
Full Article
 
 
 

3 replies

Jasper_The_Rasper
Rank
Userlevel 7
Badge +54

New malvertising campaign may have exposed tens of thousands in the past 24 hours.

by Dan Goodin - Mar 15, 2016
 
                                 http://cdn.arstechnica.net/wp-content/uploads/2015/03/teslacrypt-640x577.png
 
Mainstream websites are falling victim to a new rash of malicious ads that attempt to surreptitiously install crypto ransomware and other malware on the computers of unsuspecting visitors, security firms warned.
 
The tainted ads may have exposed tens of thousands of people over the past 24 hours alone, according to a blog post published Monday  by Trend Micro. The new campaign started last week when "Angler," a toolkit that sells exploits for Adobe Flash, Microsoft Silverlight, and other widely used Internet software, started pushing laced banner ads through a compromised ad network.
 
According to a separate blog post from Trustwave's SpiderLabs group, one JSON-based file being served in the ads has more than 12,000 lines of heavily obfuscated code. When researchers deciphered the code, they discovered it enumerated a long list of security products and tools it avoided in an attempt to remain undetected.
 
Full Article
Baldrick
Rank
Userlevel 7
Thanks for the heads up, Jasper, that is really not good news at all. :(
Webroot SecureAnywhere Complete Beta Tester v9.0.24.49, imaged by Macrium Reflect v7.2
R
Rank
Userlevel 7
By Mark Wilson
 


 
Top news websites including the BBC, the New York Times and MSN were hit over the weekend by a co-ordinated malware campaign. Delivered through the advertising networks used by the sites, the malvertising attack aimed to install ransomware on victims' computers.
On-site ads are far from loved, hence the prevalence of ad-blocking tools. But as well as being an annoyance, online ads can also pose a serious security risk -- something highlighted by this attack. The infected ads redirected people to servers hosting the Angler exploit kit and was engineered to target US-based web users.
 With a footprint measured in billions of readers, the sites -- including MSN, the BBC, the New York Times, AOL and Newsweek -- were hit with a rash of malicious traffic from two rogue domains, TRACKMYTRAFFIC.BIZ and TALK915.PW. the malvertising campaign affected four major ad networks -- Google, AppNexus, AOL and Rubicon -- and caused what MalwareBytes calls a "huge spike in malicious activity".
 
full article here:

Reply


Terms & Conditions

© 2004 - Webroot Inc.

We have recently updated our Privacy Policies. We encourage you to read the full terms here.