Just as before, the ad network guilty of showing these malicious ads is AdSpirit, the same ad network abused in August to show malverts on MSN, Weather.com, Wunderground, and The Drudge Report. The difference, this time, is that advertisers were using the Neutrino and RIG exploit kits, instead of Angler.
There's a trend with malicious actors that are moving away from using the Angler exploit kit, trend observed since the beginning of the year. This may have something to do with the fact that Angler was last year's most used exploit kit, and many cyber-security vendors have focused their efforts on detecting its presence on Web pages.Read more
One of the major goals for any online business is to attract as many visitors as possible to their websites in order to generate more revenues. This is typically where advertising comes into play, by helping companies to reach the right audience and converting those clicks and visits into actual sales.
Sadly, fraudulent businesses also use online advertising as a way to reel in potential victims. This is nothing new and we have seen many examples of targeted keywords on search engine results before. Many times these rogue advertisers will abuse legitimate brands to trick people and provide services on behalf of these companies.Read more
Security researchers have discovered malicious adverts on the UK version of dating site Match.com. Malwarebytes, which found the cyber-threat, said that anyone caught by the ads could fall victim to ransomware.
Malicious ads were appearing on pages of the site via an ad network that passes content to Match.com and other places, redirecting those who click on the adverts through a series of links to a site embedded with code that checks if a visitor is running outdated versions of commonly-used software. Bugs in the versions of Flash, Java, Adobe Reader and Silverlight used in browsers were all being exploited by the malicious code.Read more
Security researchers said they discovered malicious ads planted in Yahoo’s network and alerted Yahoo. The malware was found in Yahoo’s ads network at ads.yahoo.com, which runs ads across Yahoo’s sites like its finance, games and news portals.
Users may have come across the infected ads when visiting Yahoo’s sites. A Yahoo spokeswoman declined to say how many advertisers were affected. The attack used a method known as malvertising, in which attackers dupe online publishers into running malicious ads. They look like any other ads and may not require any interaction from users to infect their machines.Read more
One more piece of malware adware has been thrust into the spotlight, one that also breaks HTTPS connections, but is arguably worse than Superfish, which was pre-installed on new Lenovo laptops manufactured at the tail end of 2014.
Experts reported that malvertising installs its own certificate and breaks SSL connections by creating a man-in-the-middle vulnerability that can be exploited by anyone to sniff traffic. Superfish makes Lenovo PCs vulnerable to malware and malicious attacks by pre-loading the adware. However, a new malware adware doesn’t contain the exact vulnerability as Superfish, it likely presents a bigger mess for users.Read more
Lenovo, the largest PC manufacturer in world, admitted to pre-loading the Superfish adware on some consumer PCs. Lenovo has been accused of fatally compromising user security by installing an adware application on all its Windows computers as they leave the factory.
Unhappy customers are now dragging the company to court on the matter. A proposed class-action suit was filed late last week against Lenovo and Superfish, which charges both companies with “fraudulent” business practices and of making Lenovo PCs vulnerable to malware and malicious attacks by pre-loading the adware. The lawsuit was filed after Lenovo admitted to pre-loading Superfish.Read more
Lenovo, the largest PC manufacturer in world, has been accused of fatally compromising user security by installing an adware application on all its Windows computers as they leave the factory.
The software purports to offer users a “visual search” experience. In actual fact, it injects third-party advertisements into Google search results and websites, without asking the user. In order to place adverts on websites served to the user over an encrypted connection, as Google does by default, Lenovo owners report that Superfish software also breaks social security used by every computer to access the internet privately.Read more
A sophisticated cyber-crime campaign is leaving millions of people vulnerable to having malware installed on their computers simply by visiting high profile websites.
The campaign is using the fast-growing method of 'malvertising' to spread a pernicious form of malware called ransomware, which encrypts all the files on the hard drive of a victim's computer, and if the victim doesn't pay a ransom by deadline, those files are lost forever. The researchers were even able to estimate how much money the criminals were earning on a daily basis as the ransoms are charged in bitcoin, meaning all payments are traceable via the public blockchain.Read more
Malvertisements or malvertising are a malicious variety of online advertisements generally used to spread malware. However, that definition is somewhat dated as the term has evolved.
While it’s easy to call an ad that redirects to malware a malicious one, it is often hard to differentiate between fraudulent and legitimate online ads. For example, there are any number of legal online ads that any reasonable observer would characterize as malicious or fraudulent. On the other hand, there are likely benign ads that are flagged by some advertising networks as malicious or fraudulent on superficially technical grounds.Read more