Millions of people visiting weather.com, drudgereport.com, wunderground.com, and other popular websites were exposed to attacks that can surreptitiously hijack their computers, thanks to maliciously manipulated ads that exploit vulnerabilities in Adobe Flash and other browsing software, researchers said.
The malvertising campaign worked by inserting malicious code into ads distributed by AdSpirit.de, a network that delivers ads to Drudge, Wunderground, and other third-party websites, according to a post published Thursday by researchers from security firm Malwarebytes. The ads, in turn, exploited security vulnerabilities in widely used browsers and browser plugins that install malware on end-user computers. The criminals behind the campaign previously carried out a similar attack on Yahoo's ad network, exposing millions more people to the same drive-by attacks.
Update: A few hours after Ars published this article, Malwarebytes updated the blog post to say the campaign had moved to yet another ad network, which happens to be associated with AOL. Visitors to eBay were among those who were exposed to the malicious ads distributed through the newly discovered network.
Perhaps a positive side-effect of these exploits is the average person may come to pay more attention to security and privacy.
(Score: 2) by bradley13 on Monday August 17 2015, @05:52AM
Granted, I haven't ever run no-script. But I have a combination of Ghostery, AdBlock and a bunch of entries in my hosts file. That serves to eliminate essentially all crap, and sites still work. The worst I ever get is an empty advertisement (e.g., the pre-load page on Forbes that shows for a few seconds).
I just tried weather.com, since you mentioned that site specifically. It works, but what a gawdawful site. What is it with this trend to lots of pics and zero information?
Just as an example, there is a product I am considering buying (based on reviews). I went to the manufacturer's site (link [sonos.com], if you want to see). The homepage contains one huge picture, three little pictures and about 20 words. Other pages in the site are similar. I want information to decide if the product is what I need. Not glitz. Stupid designers. Sadly, this seems to be the direction of more and more websites today.
Everyone is somebody else's weirdo.