Malwarebytes Uncovers Alleged Rogue Agency Placing Ads on High-Traffic Sites
ADOTAS – Some are familiar with security threats tied to online ads; cybercriminals can exploit vulnerabilities in the ads to redirect users to malicious sites or otherwise download malware on victims’ machines once they click. But what happens when the bad guys become advertisers?
Malwarebytes has uncovered an alleged rogue ad network deliberately redirecting clickers to malicious websites. The ads have appeared on 123greetings[dot]com and beeg[dot]com, according to the company.
Senior security researcher Jérôme Segura (pictured) has published a blog post detailing how it all works. Segura said he believes that the rogue ad agency (suspected of being controlled by Russian cybercriminals) approaches various high-traffic websites and offers to display their ads. But ultimately, the motivation is to push malware through them. He dissected one of these ads and found that it leads victims to a page hosting an exploit kit known as RIG EK, which then exploits Flash and installs a Trojan (Trojan.Agent.ED).
“This particular ad may have been placed on a number of websites, big and small and leading to several thousand infections,” said Segura.
To protect against this type of threat, Segura recommends users disable Flash or use tools like NoScript. It may degrade your web browsing experience, he notes, but is a pretty effective method of avoiding this and other web threats. Malwarebytes Anti-Exploit (free for consumers) is another option, he said.
No comments yet
Leave a Comment
- Brands Bring Tricks and Treats to Instagram for Halloween
- Honda’s Double-Sided Story on YouTube Allows Users to Switch Between Perfectly Parallel Lives
- Innovid Breaks Down The Anatomy of the Fragmented Consumer In The Cross-Device Video Landscape
- PunchTab Releases 2014 Holiday Shopping Insights: 90% of Consumers Will Shop Online
- Publicis Groupe Acquires Data-Driven Digital Ad Management Platform RUN