[Home]  [Headlines]  [Latest Articles]  [Latest Comments]  [Post]  [Mail]  [Sign-in]  [Setup]  [Help]  [Register] 

"International court’s attack on Israel a sign of the free world’s moral collapse"

"Pete Hegseth Is Right for the DOD"

"Why Our Constitution Secures Liberty, Not Democracy"

Woodworking and Construction Hacks

"CNN: Reporters Were Crying and Hugging in the Hallways After Learning of Matt Gaetz's AG Nomination"

"NEW: Democrat Officials Move to Steal the Senate Race in Pennsylvania, Admit to Breaking the Law"

"Pete Hegseth Is a Disruptive Choice for Secretary of Defense. That’s a Good Thing"

Katie Britt will vote with the McConnell machine

Battle for Senate leader heats up — Hit pieces coming from Thune and Cornyn.

After Trump’s Victory, There Can Be No Unity Without A Reckoning

Vivek Ramaswamy, Dark-horse Secretary of State Candidate

Megyn Kelly has a message for Democrats. Wait for the ending.

Trump to choose Tom Homan as his “Border Czar”

"Trump Shows Demography Isn’t Destiny"

"Democrats Get a Wake-Up Call about How Unpopular Their Agenda Really Is"

Live Election Map with ticker shows every winner.

Megyn Kelly Joins Trump at His Final PA Rally of 2024 and Explains Why She's Supporting Him

South Carolina Lawmaker at Trump Rally Highlights Story of 3-Year-Old Maddie Hines, Killed by Illegal Alien

GOP Demands Biden, Harris Launch Probe into Twice-Deported Illegal Alien Accused of Killing Grayson Davis

Previously-Deported Illegal Charged With Killing Arkansas Children’s Hospital Nurse in Horror DUI Crash

New Data on Migrant Crime Rates Raises Eyebrows, Alarms

Thousands of 'potentially fraudulent voter registration applications' Uncovered, Stopped in Pennsylvania

Michigan Will Count Ballot of Chinese National Charged with Voting Illegally

"It Did Occur" - Kentucky County Clerk Confirms Voting Booth 'Glitch'' Shifted Trump Votes To Kamala

Legendary Astronaut Buzz Aldrin 'wholeheartedly' Endorses Donald Trump

Liberal Icon Naomi Wolf Endorses Trump: 'He's Being More Inclusive'

(Washed Up Has Been) Singer Joni Mitchell Screams 'F*** Trump' at Hollywood Bowl

"Analysis: The Final State of the Presidential Race"

He’ll, You Pieces of Garbage

The Future of Warfare -- No more martyrdom!

"Kamala’s Inane Talking Points"

"The Harris Campaign Is Testament to the Toxicity of Woke Politics"

Easy Drywall Patch

Israel Preparing NEW Iran Strike? Iran Vows “Unimaginable” Response | Watchman Newscast

In Logansport, Indiana, Kids are Being Pushed Out of Schools After Migrants Swelled County’s Population by 30%: "Everybody else is falling behind"

Exclusive — Bernie Moreno: We Spend $110,000 Per Illegal Migrant Per Year, More than Twice What ‘the Average American Makes’

Florida County: 41 of 45 People Arrested for Looting after Hurricanes Helene and Milton are Noncitizens

Presidential race: Is a Split Ticket the only Answer?

hurricanes and heat waves are Worse

'Backbone of Iran's missile industry' destroyed by IAF strikes on Islamic Republic

Joe Rogan Experience #2219 - Donald Trump

IDF raids Hezbollah Radwan Forces underground bases, discovers massive cache of weapons

Gallant: ‘After we strike in Iran,’ the world will understand all of our training

The Atlantic Hit Piece On Trump Is A Psy-Op To Justify Post-Election Violence If Harris Loses

Six Al Jazeera journalists are Hamas, PIJ terrorists

Judge Aileen Cannon, who tossed Trump's classified docs case, on list of proposed candidates for attorney general

Iran's Assassination Program in Europe: Europe Goes Back to Sleep

Susan Olsen says Brady Bunch revival was cancelled because she’s MAGA.

Foreign Invaders crisis cost $150B in 2023, forcing some areas to cut police and fire services: report

Israel kills head of Hezbollah Intelligence.


Status: Not Logged In; Sign In

Computers-Hacking
See other Computers-Hacking Articles

Title: My browser visited Weather.com and all I got was this lousy malware [also Drudge, Wunderground, Yahoo]
Source: Ars Technica
URL Source: http://arstechnica.com/security/201 ... -i-got-was-this-lousy-malware/
Published: Aug 15, 2015
Author: Dan Goodin
Post Date: 2015-08-15 11:27:29 by Tooconservative
Keywords: None
Views: 19629
Comments: 77

Millions of people visiting weather.com, drudgereport.com, wunderground.com, and other popular websites were exposed to attacks that can surreptitiously hijack their computers, thanks to maliciously manipulated ads that exploit vulnerabilities in Adobe Flash and other browsing software, researchers said.

The malvertising campaign worked by inserting malicious code into ads distributed by AdSpirit.de, a network that delivers ads to Drudge, Wunderground, and other third-party websites, according to a post published Thursday by researchers from security firm Malwarebytes. The ads, in turn, exploited security vulnerabilities in widely used browsers and browser plugins that install malware on end-user computers. The criminals behind the campaign previously carried out a similar attack on Yahoo's ad network, exposing millions more people to the same drive-by attacks.

Update: A few hours after Ars published this article, Malwarebytes updated the blog post to say the campaign had moved to yet another ad network, which happens to be associated with AOL. Visitors to eBay were among those who were exposed to the malicious ads distributed through the newly discovered network.

Malvertising is a particularly pernicious form of attack because it can infect people who do nothing more than browse to a mainstream site. Depending on the exploit, it can silently hijack computers even when visitors don't click on links. Some browser makers have responded by implementing so-called click-to-play mechanisms that don't render Flash or Java content unless the end user actively permits the plugin to run on a particular site. Some users have resorted to ad blockers, which have the unfortunate side effect of depriving publishers of much-needed advertising revenue.

The campaign used against the AdSpirit and Yahoo networks connected to servers run by Microsoft's Azure service. Ultimately, the booby-trapped ads led to attack code distributed through the Angler exploit kit, a software package sold on the black market that makes it easy for criminals to exploit vulnerabilities in Flash, Java, and other software. The AdSpirit attacks were particularly hard to trace because most of the websites involved in the attack were using the transport layer security protocol to obscure the address and encrypt the data. There's no indication the attacks were exploiting vulnerabilities in fully patched software. That underscores the importance of installing security updates as soon as they become available.


Poster Comment:

Install adblockers to be more secure. Ad Block Plus is the classic extension most people use. It has started to allow some "safe non-abusive" ads to slip through. So, after years of being loyal to ADP, I gave it up and moved to uBlock Origin 1.0.0.1 recently.(1 image)

Post Comment   Private Reply   Ignore Thread  


TopPage UpFull ThreadPage DownBottom/Latest

Begin Trace Mode for Comment # 33.

#33. To: TooConservative (#0)

Install adblockers to be more secure.

Take your pick.

https://en.wikipedia.org/wiki/UBlock

https://addons.mozilla.org/en-us/firefox/addon/ublock/

https://addons.mozilla.org/en-us/firefox/addon/ublock/reviews/

µBlock - 214,818 users

https://addons.mozilla.org/en-us/firefox/addon/adblock-plus/

https://addons.mozilla.org/en-us/firefox/addon/adblock-plus/reviews/

AdBlock Plus - 19,564,935 users

- - - - -

https://addons.mozilla.org/en-US/firefox/addon/adblock-plus-pop-up-addon/

https://addons.mozilla.org/en-US/firefox/addon/adblock-plus-pop-up-addon/reviews/

AdBlock Plus, Pop-up Addon - 1,164,851 users

- - - - -

https://addons.mozilla.org/en-Us/firefox/addon/adblock-edge/

AdBlock Edge - Discontinued

nolu chan  posted on  2015-08-16   13:43:01 ET  Reply   Untrace   Trace   Private Reply  


Replies to Comment # 33.

#34. To: nolu chan, TooConservative (#33)

All anyone has to perform to easily eliminate user ad tracking is to clean their cache memories from tyme to tyme; no specialized "ad blocker crap." It is easy, too; while not using any pull-down menus from ANY browser.

But ad tracking software is just one symptom of loss of anonymity. Why not just become anonymmous?

buckeroo  posted on  2015-08-16 13:57:34 ET  Reply   Untrace   Trace   Private Reply  


#40. To: nolu chan (#33)

Take your pick.

True. If you look in the Chrome Store or the Google Play store, you'll find tons more. That's because it is open-source stuff and easy to crank out new versions.

And they all use the same blacklists/whitelists, it seems.

Tooconservative  posted on  2015-08-16 14:10:29 ET  Reply   Untrace   Trace   Private Reply  


End Trace Mode for Comment # 33.

TopPage UpFull ThreadPage DownBottom/Latest

[Home]  [Headlines]  [Latest Articles]  [Latest Comments]  [Post]  [Mail]  [Sign-in]  [Setup]  [Help]  [Register] 

Please report web page problems, questions and comments to webmaster@libertysflame.com