Malwarebytes Uncovers Alleged Rogue Agency Placing Ads on High-Traffic Sites
ADOTAS – Some are familiar with security threats tied to online ads; cybercriminals can exploit vulnerabilities in the ads to redirect users to malicious sites or otherwise download malware on victims’ machines once they click. But what happens when the bad guys become advertisers?
Malwarebytes has uncovered an alleged rogue ad network deliberately redirecting clickers to malicious websites. The ads have appeared on 123greetings[dot]com and beeg[dot]com, according to the company.
Senior security researcher Jérôme Segura (pictured) has published a blog post detailing how it all works. Segura said he believes that the rogue ad agency (suspected of being controlled by Russian cybercriminals) approaches various high-traffic websites and offers to display their ads. But ultimately, the motivation is to push malware through them. He dissected one of these ads and found that it leads victims to a page hosting an exploit kit known as RIG EK, which then exploits Flash and installs a Trojan (Trojan.Agent.ED).
“This particular ad may have been placed on a number of websites, big and small and leading to several thousand infections,” said Segura.
To protect against this type of threat, Segura recommends users disable Flash or use tools like NoScript. It may degrade your web browsing experience, he notes, but is a pretty effective method of avoiding this and other web threats. Malwarebytes Anti-Exploit (free for consumers) is another option, he said.
No comments yet
Leave a Comment
- Vibrant Media, Native Ad Company, Bills Its Billionth Dollar
- Overcoming Ad Blocking with Influencer Marketing
- LiveRamp Expands Data Onboarding Service to United Kingdom and France
- OpenMarket Survey/Infographic Reveal Millennials Prefer Texting But Marketers Miss the Boat
- Just For Fun (and Sales): Search Data Reveals What Millennial Moms Would Like For Mother’s Day