Malvertising is something publishers absolutely do not want happening on their websites but it does and it’s recently happened to a handful of major publishers. Malvertising is malware that is injected into ads that then attempts to inject itself into users computer systems. Generally websites work with reputable ad service companies who do a good job of keeping their adservers secure from hackers but of course no one is completely secure 100% of the time. This incident is somewhat amplified as the affected websites are some of the most popular on the Internet with a major amount of traffic (see the list below).
Publisher – Traffic (monthly)*
- msn.com 1.3B
- nytimes.com 313.1M
- bbc.com 290.6M
- aol.com 218.6M
- my.xfinity.com 102.8M
- nfl.com 60.7M
- realtor.com 51.1M
- theweathernetwork.com 43M
- thehill.com 31.4M
- newsweek.com 9.9M
The malvertising effort was pushed through several different ad networks and targeted vulnerabilities including a Microsoft Silverlight bug that has since been patched. If a user was unlucky enough to be hit with the malware, their system would redirect to another website where the Angler exploit kit would install and attempt to find a backdoor into the target computer. If it got that far the malware would then install cryptolocker and hold the target computer ransom for bitcoin payment.
Ransomware and bitcoin payment seem to have become the new favorite tools of cyber-criminals and no system is safe in this case, this could easily happen to Mac, PC and Linux users. Malwarebytes has notified the affected ad networks and steps have been taken to neutralize the problem but you can be certain these issues are going to be an ongoing battle between criminal hackers and security professionals.
What do you think of the latest malvertising incident? Let us know in the comments below or on Twitter, Facebook and Google+.
[button link=”http://www.theguardian.com/technology/2016/mar/16/major-sites-new-york-times-bbc-ransomware-malvertising” icon=”fa-external-link” side=”left” target=”blank” color=”285b5e” textcolor=”ffffff”]Source: The Guardian[/button] [button link=”” icon=”fa-external-link” side=”left” target=”blank” color=”285b5e” textcolor=”ffffff”]Source: Malwarebytes[/button]Last Updated on January 23, 2017.
