Stories
Slash Boxes
Comments

SoylentNews is people

New Rash of Malvertising Attacks Threatens Millions of Web Surfers

posted by LaminatorX on Sunday August 16 2015, @05:39PM   Printer-friendly
from the Yet-Again dept.

Phoenix666 writes:

Millions of people visiting weather.com, drudgereport.com, wunderground.com, and other popular websites were exposed to attacks that can surreptitiously hijack their computers, thanks to maliciously manipulated ads that exploit vulnerabilities in Adobe Flash and other browsing software, researchers said.

The malvertising campaign worked by inserting malicious code into ads distributed by AdSpirit.de, a network that delivers ads to Drudge, Wunderground, and other third-party websites, according to a post published Thursday by researchers from security firm Malwarebytes. The ads, in turn, exploited security vulnerabilities in widely used browsers and browser plugins that install malware on end-user computers. The criminals behind the campaign previously carried out a similar attack on Yahoo's ad network, exposing millions more people to the same drive-by attacks.

Update: A few hours after Ars published this article, Malwarebytes updated the blog post to say the campaign had moved to yet another ad network, which happens to be associated with AOL. Visitors to eBay were among those who were exposed to the malicious ads distributed through the newly discovered network.

Perhaps a positive side-effect of these exploits is the average person may come to pay more attention to security and privacy.

Original Submission

 
This discussion has been archived. No new comments can be posted.
New Rash of Malvertising Attacks Threatens Millions of Web Surfers | Log In/Create an Account | Top | 26 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 3, Interesting) by sjames on Sunday August 16 2015, @08:21PM

    by sjames (2882) on Sunday August 16 2015, @08:21PM (#223609) Journal

    The free market boosters are missing a few very important conditions that doom it to failure. In this case it's a matter of information and choice. Consumers really don't get to actively choose which outsourced ad network might appear on a site and doesn't have a good way to even get enough information to evaluate the trustworthiness of the ad networks. Even if the information was there, they generally don't have the expertise to decide what constitutes a trustworthy ad network (if there are any).

    Starting Score:    1  point
    Moderation   +1  
       Interesting=1, Total=1
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   3  

  • (Score: 0) by Anonymous Coward on Sunday August 16 2015, @08:26PM

    by Anonymous Coward on Sunday August 16 2015, @08:26PM (#223610)

    Consumers never get to chose, they get to consume.

    • (Score: 3, Interesting) by sjames on Sunday August 16 2015, @08:31PM

      by sjames (2882) on Sunday August 16 2015, @08:31PM (#223612) Journal

      And so the free market fails repeatedly.

  • (Score: 1) by Murdoc on Tuesday August 18 2015, @03:02AM

    by Murdoc (2518) on Tuesday August 18 2015, @03:02AM (#224213)

    You're forgetting that in cases like this, it is the ad companies that are the "consumers" since they are the ones paying, not the people visiting the sites. So yeah, they do get a choice. The problem is that these "problems" are externalities to them (by two levels even), a different failure of the market system.

    • (Score: 2) by sjames on Tuesday August 18 2015, @07:13AM

      by sjames (2882) on Tuesday August 18 2015, @07:13AM (#224284) Journal

      It is valid to view it from either angle. From your angle, the market will not internalize that externality, so it would take regulation. That is, the free market still fails.