Category: malvertising

Apr 11 2016

More big-name sites hit by rash of malicious ads that attack end users

Some of the Netherland' most popular websites have fallen victim to a malvertising campaign that managed to compromise a widely used ad platform, security researchers reported on Monday.

The malicious ads were served over at least 11 sites including, the Netherlands equivalent to eBay and the country's seventh most visited website, according to a blog post published by security firm Fox IT. Other affected sites included news site (which is ranked No. 14), weather site (54), and (67). Other widely visited sites were operated by commercial TV stations and magazines.

According to the blog post:

Read 2 remaining paragraphs | Comments

Mar 15 2016

Big-name sites hit by rash of malicious ads spreading crypto ransomware [Updated]

Enlarge / If you're a gamer (or anyone else), this is not a screen you want to see. (credit: Bromium Labs)

Mainstream websites, including those published by The New York Times, the BBC, MSN, and AOL, are falling victim to a new rash of malicious ads that attempt to surreptitiously install crypto ransomware and other malware on the computers of unsuspecting visitors, security firms warned.

The tainted ads may have exposed tens of thousands of people over the past 24 hours alone, according to a blog post published Monday by Trend Micro. The new campaign started last week when "Angler," a toolkit that sells exploits for Adobe Flash, Microsoft Silverlight, and other widely used Internet software, started pushing laced banner ads through a compromised ad network.

According to a separate blog post from Trustwave's SpiderLabs group, one JSON-based file being served in the ads has more than 12,000 lines of heavily obfuscated code. When researchers deciphered the code, they discovered it enumerated a long list of security products and tools it avoided in an attempt to remain undetected.

Read 7 remaining paragraphs | Comments

Oct 19 2015

Malvertising campaign targets Brazilian users

Portuguese speakers are targeted on a host of portals including MSN, Universo Online, and Globo.

Aug 14 2015

My browser visited Drudgereport and all I got was this lousy malware

Millions of people visiting,, and other popular websites were exposed to attacks that can surreptitiously hijack their computers, thanks to maliciously manipulated ads that exploit vulnerabilities in Adobe Flash and other browsing software, researchers said.

The malvertising campaign worked by inserting malicious code into ads distributed by, a network that delivers ads to Drudge, Wunderground, and other third-party websites, according to a post published Thursday by researchers from security firm Malwarebytes. The ads, in turn, exploited security vulnerabilities in widely used browsers and browser plugins that install malware on end-user computers. The criminals behind the campaign previously carried out a similar attack on Yahoo's ad network, exposing millions more people to the same drive-by attacks.

Malvertising is a particularly pernicious form of attack because it can infect people who do nothing more than browse to a mainstream site. Depending on the exploit, it can silently hijack computers even when visitors don't click on links. Some browser makers have responded by implementing so-called click-to-play mechanisms that don't render Flash or Java content unless the end user actively permits the plugin to run on a particular site. Some users have resorted to ad blockers, which have the unfortunate side effect of depriving publishers of much-needed advertising revenue.

Read 1 remaining paragraphs | Comments