Tuesday, March 22, 2016

Attention Malmart Shoppers

Wondering how to protect against malware? Use an adblocker such as uBlock Origin (Firefox or Chrome).

What do ads have to do with malware? Spreading malware through ad networks is called malvertising. No need to pinch your arm. This nightmare is real.

Years ago, NSFW websites would normally infect computers. Eventually, an upwardly mobile malware author noticed that ad networks trusted by MSN, the New York Times, the BBC, Newsweek, etc. would be a more profitable.

Just this year, many trusted news sites[1][2] allowed malvertising to be offered to browsers running on top of the Windows OS. The result could be a ransomware installation, specifically TeslaCrypt, or a trojan horse installation, named Bedep Trojan, that would allow criminals to use all the infected computers as part of a botnet.

The tool that decides which malware to install is called the Angler Exploit Kit. It is the tool behind many computer crimes. Criminal gangs sell it on the Internet, hopefully you (dear reader) do not know where.

Be mindful of where you go and if random ads should execute on your devices.



References:

  1. "BBC, MSN hit by malicious ad attack". BBC. Retrieved 2016-03-18.
  2. "Big-name sites hit by rash of malicious ads spreading crypto ransomware". Ars Technica. Retrieved 2016-03-18.