Stories
Slash Boxes
Comments

SoylentNews is people

Forbes Asks Readers to Turn Off Ad Blockers, Then Immediately Serves Them Pop-under Malware

posted by cmn32480 on Sunday January 10 2016, @02:54PM   Printer-friendly
from the those-bastards dept.

xpda writes:

The Forbes 30 Under 30 list came out this week and it featured a prominent security researcher. Other researchers were pleased to see one of their own getting positive attention, and visited the site in droves to view the list.

On arrival, like a growing number of websites, Forbes asked readers to turn off ad blockers in order to view the article. After doing so, visitors were immediately served with pop-under malware, primed to infect their computers, and likely silently steal passwords, personal data and banking information. Or, as is popular worldwide with these malware "exploit kits," lock up their hard drives in exchange for Bitcoin ransom. The exploit used was a version of hackenfreude.

Forbes has recently taken some flack from Soylent News readers for its heavy-handed approach to ad blockers.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Forbes Asks Readers to Turn Off Ad Blockers, Then Immediately Serves Them Pop-under Malware | Log In/Create an Account | Top | 62 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by Hairyfeet on Sunday January 10 2016, @10:24PM

    by Hairyfeet (75) <bassbeast1968NO@SPAMgmail.com> on Sunday January 10 2016, @10:24PM (#287840) Journal

    Sorry but malware guys have already figured out Linux users are trivial to add so they are cooking up cross platform malware [zdnet.com] that simply detects which OS you are on and then grabs the correct exploit. This means you can't go by what you get if you visit the malware on a Windows box as the payload will change if you are on OSX or Linux.

    You gotta give them credit, it looks like it really didn't take much to add Linux support, just a few lines.

    --
    ACs are never seen so don't bother. Always ready to show SJWs for the racists they are.
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2  

  • (Score: 3, Informative) by sjames on Sunday January 10 2016, @10:37PM

    by sjames (2882) on Sunday January 10 2016, @10:37PM (#287846) Journal

    Sure, it is possible to write a trojan for Linux, but the one you referred to required the user to actually run the app after downloading. The Javascript was nothing more than the standard stuff you'll find when downloading from google, sourceforge, or anywhere else that offers binaries for more than one platform.

    A multi-platform drive-by is possible, but the PARTICULAR bit of malware in question doesn't appear to be an example of it. Building it from Javascript isn't enough to make that happen.

    That doesn't mean I'm willing to just run any old thing an advertiser cares to toss my way.

  • (Score: 1, Funny) by Anonymous Coward on Monday January 11 2016, @12:49AM

    by Anonymous Coward on Monday January 11 2016, @12:49AM (#287886)

    as the payload will change if you are on OSX or Linux.

    Not if your browser ident string is set to Win95!!