
Title: My browser visited Weather.com and all I got was this lousy malware [also Drudge, Wunderground, Yahoo]
Source: Ars Technica
URL Source: http://arstechnica.com/security/201 ... -i-got-was-this-lousy-malware/
Published: Aug 15, 2015
Author: Dan Goodin
Post Date: 2015-08-15 11:27:29 by Tooconservative
Comments: 77

Millions of people visiting weather.com, drudgereport.com, wunderground.com, and other popular websites were exposed to attacks that can surreptitiously hijack their computers, thanks to maliciously manipulated ads that exploit vulnerabilities in Adobe Flash and other browsing software, researchers said.

The malvertising campaign worked by inserting malicious code into ads distributed by AdSpirit.de, a network that delivers ads to Drudge, Wunderground, and other third-party websites, according to a post published Thursday by researchers from security firm Malwarebytes. The ads, in turn, exploited security vulnerabilities in widely used browsers and browser plugins that install malware on end-user computers. The criminals behind the campaign previously carried out a similar attack on Yahoo's ad network, exposing millions more people to the same drive-by attacks.

Update: A few hours after Ars published this article, Malwarebytes updated the blog post to say the campaign had moved to yet another ad network, which happens to be associated with AOL. Visitors to eBay were among those who were exposed to the malicious ads distributed through the newly discovered network.

Malvertising is a particularly pernicious form of attack because it can infect people who do nothing more than browse to a mainstream site. Depending on the exploit, it can silently hijack computers even when visitors don't click on links. Some browser makers have responded by implementing so-called click-to-play mechanisms that don't render Flash or Java content unless the end user actively permits the plugin to run on a particular site. Some users have resorted to ad blockers, which have the unfortunate side effect of depriving publishers of much-needed advertising revenue.

The campaign used against the AdSpirit and Yahoo networks connected to servers run by Microsoft's Azure service. Ultimately, the booby-trapped ads led to attack code distributed through the Angler exploit kit, a software package sold on the black market that makes it easy for criminals to exploit vulnerabilities in Flash, Java, and other software. The AdSpirit attacks were particularly hard to trace because most of the websites involved in the attack were using the transport layer security protocol to obscure the address and encrypt the data. There's no indication the attacks were exploiting vulnerabilities in fully patched software. That underscores the importance of installing security updates as soon as they become available.


Poster Comment:

Install adblockers to be more secure. Ad Block Plus is the classic extension most people use. It has started to allow some "safe non-abusive" ads to slip through. So, after years of being loyal to ADP, I gave it up and moved to uBlock Origin 1.0.0.1 recently.


#1. To: TooConservative (#0)

Install adblockers to be more secure. Ad Block Plus is the classic extension most people use. It has started to allow some "safe non-abusive" ads to slip through. So, after years of being loyal to ADP, I gave it up and moved to uBlock Origin 1.0.0.1 recently.

Your lite-weight recommendations for surfing the web are not just silly but invite further intrusion into one's privacy.

buckeroo posted on 2015-08-15 11:49:54 ET


#2. To: buckeroo (#1)

Pardon me if I think your opinion is worthless.

Adblockers have proven their value over and over at resisting malware and reducing network congestion. It isn't even debatable among tech types.

Tooconservative posted on 2015-08-15 12:13:52 ET


#3. To: TooConservative (#2)

You don't need ad blockers. You need a REAL browser.

buckeroo posted on 2015-08-15 12:18:08 ET


#4. To: buckeroo (#3)

You don't need ad blockers. You need a REAL browser.

What "real browser" are you using that is malware-resistant without adblockers/NoScript/Ghostery/etc.?

Lynx?

Name this browser.

Tooconservative posted on 2015-08-15 12:21:30 ET


#7. To: TooConservative (#4)

Name this browser.

anonymous

buckeroo posted on 2015-08-15 19:01:08 ET


#11. To: buckeroo, TooConservative (#7)

anonymous

TOR with TAILS (thumb)?

nolu chan posted on 2015-08-15 20:09:42 ET


#12. To: nolu chan (#11)

TOR with TAILS (thumb)?

Tor is horribly slow to start with, even more so if you allow all the ads and scripts to load. And Tor doesn't do anything to protect you from browser attacks, either from malicious websites or hacked ad server networks.

Can't be Tor.

Tooconservative posted on 2015-08-15 20:22:02 ET


#13. To: TooConservative (#12)

Tor is horribly slow to start with, even more so if you allow all the ads and scripts to load. And Tor doesn't do anything to protect you from browser attacks, either from malicious websites or hacked ad server networks.

Tor with Tails on a thumb drive leaves your computer totally immune. How does it get attacked?

nolu chan posted on 2015-08-15 21:30:11 ET


#14. To: nolu chan (#13)

Tor with Tails on a thumb drive leaves your computer totally immune. How does it get attacked?

I'm not sure where you read that but it isn't true.

Even assuming that Tor was secure and anonymous, it does nothing to protect your browser from malicious websites and hacked ad server networks. Nothing, nada. No more than using VPN or other proxies protect you from server-based attacks.

Tooconservative posted on 2015-08-15 21:42:37 ET


#15. To: TooConservative (#14)

Tor with Tails on a thumb drive leaves your computer totally immune. How does it get attacked?

I'm not sure where you read that but it isn't true.

Even assuming that Tor was secure and anonymous, it does nothing to protect your browser from malicious websites and hacked ad server networks. Nothing, nada. No more than using VPN or other proxies protect you from server-based attacks.

If I'm running an operating system on a thumb drive, what are you hacking besides the thumb drive?

TAILS - The Amnesiac Incognito Live System. No new programs. No saves. Upon shutoff, it leaves a completely blank slate of all history. It worked for Edward Snowden. Apparently, it works for Glenn Greenwald.

http://www.theverge.com/2014/4/29/5664884/this-is-the-most-secure-computer-you-ll-ever-own

[extract]

In exchange for all the troubleshooting, you get an unusual kind of anonymity. Keeping the operating system on a disk means you’re operating independent of the computer, picking nothing up and leaving nothing behind. It also makes your setup portable. You can launch Tails from an internet cafe and know that none of the programs on the public computer will get in the way of what you’re doing. The new versions of Tails will even hide you within a local network, randomizing the computer’s MAC address to make you even harder to track. None of the methods are completely impenetrable, but together they add up to a major headache for anyone trying to follow you across the web.

nolu chan posted on 2015-08-16 1:17:24 ET


#23. To: nolu chan (#15)

From the TAILS website:

Numerous security holes in Tails 1.4.1

Posted Sun 09 Aug 2015 01:02:03 AM CEST

Numerous security holes in Tails 1.4

Posted Sun 28 Jun 2015 01:02:03 AM CEST

TAILS 1.5 is now out. How secure is TAILS if they find new and "numerous security holes" every 10 days or so?

And, nolu, are you actually posting here at LF right now using TAILS? Do you actually use what you are recommending for others to use?

Tooconservative posted on 2015-08-16 12:31:28 ET


#27. To: TooConservative (#23)

Numerous security holes in Tails 1.4.1

Posted Sun 09 Aug 2015 01:02:03 AM CEST

Numerous security holes in Tails 1.4

Posted Sun 28 Jun 2015 01:02:03 AM CEST

http://www.theverge.com/2014/4/29/5664884/this-is-the-most-secure-computer-you-ll-ever-own

This is the most secure computer you’ll ever own

Tails is the secure system that protected Edward Snowden. Here's how it works.

By Russell Brandom on April 29, 2014 01:34 pm

From the moment you boot up, your computer leaves footprints. Websites leave tracking cookies, following you from page to page and session to session, alongside the usual traces left by your IP address. Persistent logins from Google and Facebook tie each site visit to your offline identity. If anyone really wants to go after you, they can also make a direct attack, targeting malware to track your movements in the background. With the right tools, a computer is an open book.

Not this computer, though. It's running Tails, an open-source operating system designed to leave as little trace as possible, launching version 1.0 today after more than five years of open development. It's an amnesiac system, which means it's completely fresh every time you boot up. There are no save files, no new programs, and most importantly, it becomes a blank slate the moment you shut down. It's the digital equivalent of buying a new computer for a single session and tossing it into the river once you're done.

That trick has earned Tails a lot of attention. It’s already standard software at Glenn Greenwald’s First Look Media, where he’s called it “vital to my ability to work securely on the NSA story.” Tor researcher Jacob Appelbaum praised the project onstage at this year's Chaos Communications Congress, and in March Tails received a $50,000 grant to keep the project going. Nearly 8,500 computers booted up with Tails on a given day in March, 500 more than the month before. Those are surprisingly high numbers for a project that’s this hard to use, and does this little. But if you need a secure line, Tails is the best way to get it. In the era of the NSA, that’s a rare thing.

Tails works by booting your computer off of an external disk — usually a USB drive, an SD card or a CD — but getting Tails onto the right storage drive is harder than it sounds. Ideally, you’d keep it on a CD: once it’s burned into the plastic, the code can't be changed, making it completely immune to malware. But with new versions being released every few months (and plenty of laptops going without CD drives), a USB stick can be more convenient. We used Rufus to make a bootable version on a USB drive and SD card, but even then, certain flash drives simply won’t work with Tails. There are ways to add encrypted storage or persistent programs too, but each extra feature is also a new chance for security problems.

Getting Tails onto a computer isn’t straightforward either. There’s a long list of computers that can’t run the OS, and it includes most of the computers made by Apple. We spent the better part of a day trying to launch it on a Toshiba Kirabook, only to have Windows 8 punch through every time. It ends up working best on machines that are Linux-friendly, without anything like a high-powered video card to trip things up. There are a few different stable setups, but lots of ways to accidentally break your own security.

In exchange for all the troubleshooting, you get an unusual kind of anonymity. Keeping the operating system on a disk means you’re operating independent of the computer, picking nothing up and leaving nothing behind. It also makes your setup portable. You can launch Tails from an internet cafe and know that none of the programs on the public computer will get in the way of what you’re doing. The new versions of Tails will even hide you within a local network, randomizing the computer’s MAC address to make you even harder to track. None of the methods are completely impenetrable, but together they add up to a major headache for anyone trying to follow you across the web.

"Even if the developers wanted to put in a backdoor, they couldn't"

Getting there has been a five-year process, with developers working in their spare time on a minuscule budget — less than $60,000 a year in donations, before the recent grant. The code has been open for review at every stage, and after each release, auditors have found holes in Tails' security, creative ways an attacker might circumvent the program. The holes are patched a few months later, then new holes are discovered, then those holes are patched a few months after that. By now, this process has repeated more than 30 times. It's the nature of open-source development, a messy, public process that produces secure software through a slow grind of bug hunts. That parade of public security failings is meant to make users feel safe. If there's a problem in security at any level, you'll know about it, and the team will be under pressure to fix it as soon as possible. It's the same open workflow that built Tor and PGP, and stumbled more recently with the Heartbleed bug. But it means that even if the developers wanted to put in a backdoor, they couldn't.

Even more remarkable, no one knows who's behind it all. The development team works under pseudonyms and their legal names have never been publicly revealed. "Some of us want to remain anonymous," the Tails developers told me from a group email account. "Some of us simply believe that our work, what we do, and how we do it, should be enough."

As open source software, the LINUX source code is under constant review. Security problems are reported. Who thinks Windows is more secure than LINUX?

Published on Aug 14, 2015

Tails is a live operating system, that you can start on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity, and helps you to: use the Internet anonymously and circumvent censorship; all connections to the Internet are forced to go through the Tor network; leave no trace on the computer you are using unless you ask it explicitly; use state-of-the-art cryptographic tools to encrypt your files, emails and instant messaging.

Homepage - https://tails.boum.org/

nolu chan posted on 2015-08-16 12:57:37 ET


#29. To: nolu chan, buckeroo (#27) (Edited)

Even more remarkable, no one knows who's behind it all. The development team works under pseudonyms and their legal names have never been publicly revealed. "Some of us want to remain anonymous," the Tails developers told me from a group email account. "Some of us simply believe that our work, what we do, and how we do it, should be enough."

How do you know it isn't NSA and/or FBI?

You don't.

This reminds me of the Firefox special versions that had Tor baked in. Turns out, it was an FBI version that allowed Langley to insert malicious Javascript into anyone running that version. It took months for it to be detected.

TheHackerNews:

Eric Eoin Marques, 28 year-old man in Ireland believed to be behind Freedom Hosting, the biggest service provider for sites on the encrypted Tor network, is awaiting extradition on child pornography charges. It is understood the FBI had spent a year trying to locate Mr Marques.

Marques was arrested on a Maryland warrant that includes charges of distributing and promoting child porn online. He faced four charges relating to alleged child pornography offenses with a total of 30 years jail, reportedly dubbed by the FBI as “the largest facilitator of child porn on the planet.” That need has been particularly heightened with the many revelations of the US Prism program and other cyber spying initiatives.

You don't suppose the feds seized all his gear and forced him to inform on his users, do you?

eHackingNews: Almost Half of Tor sites compromised by FBI [Exclusive details]

And that is just the FBI who are amateurs compared to NSA.

You are naive about Tor and its limits. You'll notice how much child-porn was going through these Tor-hosted sites, exactly as I said.

Tooconservative posted on 2015-08-16 13:10:47 ET


#35. To: TooConservative (#29)

How do you know it isn't NSA and/or FBI?

You don't.

It's open source. You really think NSA/FBI is behind the open source development of TAILS?

You can download "special" copies from bogus sites set up by the NSA or FBI. Shocker.

If you want to be secure from the FBI/NSA, your solution of µBlock isn't going to do it. The solution to that is stay off the grid.

nolu chan posted on 2015-08-16 14:02:25 ET


#41. To: nolu chan (#35)

It's open source. You really think NSA/FBI is behind the open source development of TAILS?

How do you know they aren't? It would be far from the first time that American intel and LEO agencies decided the easiest way to control something is to be right at the center.

And you only need compromise a few key contributors to achieve your goals. Certainly, it is entirely possible and is a straightforward solution.

Tooconservative posted on 2015-08-16 14:13:06 ET


#46. To: TooConservative (#41)

How do you know they aren't?

It's open source. Nobody cares who wrote it when the whole world can examine the source code.

The thread is about avoiding malicious adware, not the NSA. To safely evade the NSA, go off the grid. Or use µBlock if it gives you a sense of security. Or you could try a fluffy security bear.

nolu chan posted on 2015-08-16 14:29:19 ET


#49. To: nolu chan (#46)

The thread is about avoiding malicious adware, not the NSA.

You're the one who dragged it into "Snowden evaded detection with Tor/TAILS". I said that was irrelevant from the start and then started documenting why Tor/TAILS is only more secure than conventional solutions but is not totally secure.

Tooconservative posted on 2015-08-16 14:43:15 ET


#50. To: TooConservative, nolu chan (#49)

You're the one who dragged it into "Snowden evaded detection with Tor/TAILS". I said that was irrelevant from the start and then started documenting why Tor/TAILS is only more secure than conventional solutions but is not totally secure.

Chan did not suggest "total security" with any software. He provided options for security is all.

You can take your highfallutin' "adblocker software" and stuff it; as IT also poses a risk to your Internet experience and (perhaps) your local files.

buckeroo posted on 2015-08-16 14:48:45 ET


#51. To: buckeroo (#50)

You can take your highfallutin' "adblocker software" and stuff it; as IT also poses a risk to your Internet experience and (perhaps) your local files.

Can you name a single example of this? In cases where ABP had security holes, it was patched quickly and I never read any reports of a hole doing anything more than letting some ads get through.

The greater hazard with ABP (and others) is that you'll want to read a website that blocks users of adblockers and you'll then enable ads on that site and get hit by a hacked ad network. I haven't read of it happening but it is likely that it has at some point.

Tooconservative posted on 2015-08-16 14:57:33 ET


#52. To: TooConservative (#51)

LQQK, don't goto Drudge or WeatherChannel if you are so afraid of their mischief. If you wrap up your Internet experience based on some "protection software" because you are plain ignorant of how to achieve anonymous status that is all on your shoulders.

You sound like you want to patch "this" or "that" all the tyme and then bring your complaints to a forum that doesn't care about your complaint at all. This thread is proof: your hit ratio is a total loser of about 4.

buckeroo posted on 2015-08-16 15:20:51 ET


Replies to Comment # 52.

#56. To: buckeroo (#52)

LQQK, don't goto Drudge or WeatherChannel if you are so afraid of their mischief. If you wrap up your Internet experience based on some "protection software" because you are plain ignorant of how to achieve anonymous status that is all on your shoulders.

These ad networks are pervasive and are present on many other websites. The article uses those as an example of prominent sites used by a lot of readers.

The issue of anonymity, much as you are blathering on about it, is not the question here.

Given how bog ignorant your posts on this thread are, I begin to wonder if you know anything about computer, browser, and network security issues.

Browser security from Javascript attacks is not remotely related to anonymity. Yet you prattle on about anonymity.

Even if you fully anonymize your network connections by various means, browsing to Drudge and hitting one of these Azure malware-infested ads will still infect your browser. That is the only issue this article/thread addresses.

But thanks for not contributing even one word to the actual topic of this thread and hijacking it to pat yourself on the back about how great you are at anonymizing your network interface. Nice work.

Tooconservative posted on 2015-08-16 15:40:16 ET

