Malwarebytes Uncovers Alleged Rogue Agency Placing Ads on High-Traffic Sites
ADOTAS – Some are familiar with security threats tied to online ads; cybercriminals can exploit vulnerabilities in the ads to redirect users to malicious sites or otherwise download malware on victims’ machines once they click. But what happens when the bad guys become advertisers?
Malwarebytes has uncovered an alleged rogue ad network deliberately redirecting clickers to malicious websites. The ads have appeared on 123greetings[dot]com and beeg[dot]com, according to the company.
Senior security researcher Jérôme Segura (pictured) has published a blog post detailing how it all works. Segura said he believes that the rogue ad agency (suspected of being controlled by Russian cybercriminals) approaches various high-traffic websites and offers to display their ads. But ultimately, the motivation is to push malware through them. He dissected one of these ads and found that it leads victims to a page hosting an exploit kit known as RIG EK, which then exploits Flash and installs a Trojan (Trojan.Agent.ED).
“This particular ad may have been placed on a number of websites, big and small and leading to several thousand infections,” said Segura.
To protect against this type of threat, Segura recommends users disable Flash or use tools like NoScript. It may degrade your web browsing experience, he notes, but is a pretty effective method of avoiding this and other web threats. Malwarebytes Anti-Exploit (free for consumers) is another option, he said.
No comments yet
Leave a Comment
- OneSpot Announces Formation of OneSpot Content Partner Network
- Integral Ad Science Releases Q3 2014 Media Quality Report, Now Including Video Advertising Metrics
- Russ Mann, Newly Named CMO at Nintex, Talks The Future of Digital Marketing
- Meredith Corporation Grows Presence in Wedding Market With Mywedding.com Acquisition
- Integral Ad Science Forms Strategic Partnership With Yahoo! Japan