Computers-Hacking
See other Computers-Hacking Articles
Title: My browser visited Weather.com and all I got was this lousy malware [also Drudge, Wunderground, Yahoo]
Source:
Ars Technica
URL Source: http://arstechnica.com/security/201 ... -i-got-was-this-lousy-malware/
Published: Aug 15, 2015
Author: Dan Goodin
Post Date: 2015-08-15 11:27:29 by Tooconservative
Keywords: None
Views: 19666
Comments: 77
Millions of people visiting weather.com, drudgereport.com, wunderground.com, and other popular websites were exposed to attacks that can surreptitiously hijack their computers, thanks to maliciously manipulated ads that exploit vulnerabilities in Adobe Flash and other browsing software, researchers said. The malvertising campaign worked by inserting malicious code into ads distributed by AdSpirit.de, a network that delivers ads to Drudge, Wunderground, and other third-party websites, according to a post published Thursday by researchers from security firm Malwarebytes. The ads, in turn, exploited security vulnerabilities in widely used browsers and browser plugins that install malware on end-user computers. The criminals behind the campaign previously carried out a similar attack on Yahoo's ad network, exposing millions more people to the same drive-by attacks. Update: A few hours after Ars published this article, Malwarebytes updated the blog post to say the campaign had moved to yet another ad network, which happens to be associated with AOL. Visitors to eBay were among those who were exposed to the malicious ads distributed through the newly discovered network. Malvertising is a particularly pernicious form of attack because it can infect people who do nothing more than browse to a mainstream site. Depending on the exploit, it can silently hijack computers even when visitors don't click on links. Some browser makers have responded by implementing so-called click-to-play mechanisms that don't render Flash or Java content unless the end user actively permits the plugin to run on a particular site. Some users have resorted to ad blockers, which have the unfortunate side effect of depriving publishers of much-needed advertising revenue. The campaign used against the AdSpirit and Yahoo networks connected to servers run by Microsoft's Azure service. Ultimately, the booby-trapped ads led to attack code distributed through the Angler exploit kit, a software package sold on the black market that makes it easy for criminals to exploit vulnerabilities in Flash, Java, and other software. The AdSpirit attacks were particularly hard to trace because most of the websites involved in the attack were using the transport layer security protocol to obscure the address and encrypt the data. There's no indication the attacks were exploiting vulnerabilities in fully patched software. That underscores the importance of installing security updates as soon as they become available. Poster Comment: Install adblockers to be more secure. Ad Block Plus is the classic extension most people use. It has started to allow some "safe non-abusive" ads to slip through. So, after years of being loyal to ADP, I gave it up and moved to uBlock Origin 1.0.0.1 recently. 
Post Comment Private Reply Ignore Thread
Top • Page Up • Full Thread • Page Down • Bottom/Latest
Begin Trace Mode for Comment # 16.
#5. To: TooConservative (#0)
I just downloaded and installed uBlock Origin 1.0.0.1 is there anything else I need do before going to drudgereport?
Nope. It's free and it mostly Just Works. You should see a little red uBlock icon at the upper right of your URL bar. If you come across a website that won't work with adblockers, you can disable uBlock on that site. There are a few other options there as well, you can hover over the icons in the uBlock control window to see what those are. For the big blue button, you can click to disable uBlock for the entire website you are on. Or you can CTRL-click it to disable uBlock only on the page you are looking at. The eyedropper lets you click on page elements one at a time, to allow single ads on a page to display. There are four more similar options in the bottom of the uBlock window. One nice benefit of uBlock is that it really cuts back on bandwidth traffic and CPU use. So it makes web pages load faster and doesn't hog the CPU. Nice for older computers so they don't get bogged down on ad-infested pages. For years, ads only annoyed us or made the pages run slow. But now we see steady attacks by hackers on the ad networks to turn them into a way to attack user security. Let me know if you have any problems. I haven't had any because it is so simple to use. I haven't found any websites that I use trying to block uBlock so far.
UBlock work with tablets too?
#17. To: redleghunter (#16)
They have versions of Ad Block Pro that work on tablets. ABP is open-source. So there are several versions of it available on Android. It actually works pretty well on Android. Lots of ads just disappear. Not just in the web browser but even ads in other apps. You should not pay for it. The block lists are free, the source code is open. The people who wrote it and maintain the blocklists and filter lists didn't try to make money from it so you shouldn't pay some scammer for a copy of it. I think there are 3-4 versions of it on Android (and Chrome Store).
Top • Page Up • Full Thread • Page Down • Bottom/Latest
#6. To: BobCeleste (#5)
I just downloaded and installed uBlock Origin 1.0.0.1 is there anything else I need do before going to drudgereport?
#16. To: TooConservative (#6)
Replies to Comment # 16. UBlock work with tablets too?
End Trace Mode for Comment # 16.
[Home] [Headlines] [Latest Articles] [Latest Comments] [Post] [Mail] [Sign-in] [Setup] [Help] [Register]