Malwarebytes Uncovers Alleged Rogue Agency Placing Ads on High-Traffic Sites
ADOTAS – Some are familiar with security threats tied to online ads; cybercriminals can exploit vulnerabilities in the ads to redirect users to malicious sites or otherwise download malware on victims’ machines once they click. But what happens when the bad guys become advertisers?
Malwarebytes has uncovered an alleged rogue ad network deliberately redirecting clickers to malicious websites. The ads have appeared on 123greetings[dot]com and beeg[dot]com, according to the company.
Senior security researcher Jérôme Segura (pictured) has published a blog post detailing how it all works. Segura said he believes that the rogue ad agency (suspected of being controlled by Russian cybercriminals) approaches various high-traffic websites and offers to display their ads. But ultimately, the motivation is to push malware through them. He dissected one of these ads and found that it leads victims to a page hosting an exploit kit known as RIG EK, which then exploits Flash and installs a Trojan (Trojan.Agent.ED).
“This particular ad may have been placed on a number of websites, big and small and leading to several thousand infections,” said Segura.
To protect against this type of threat, Segura recommends users disable Flash or use tools like NoScript. It may degrade your web browsing experience, he notes, but is a pretty effective method of avoiding this and other web threats. Malwarebytes Anti-Exploit (free for consumers) is another option, he said.
No comments yet
Leave a Comment
- Meredith Xcelerated Marketing Recognized with Top Honors at 2014 Content Marketing Awards
- InMobi inks global partnership with Factual to increase Mobile Ad Efficacy for Brands
- Eyeview and LiveRamp Partnership Delivers Powerful Data Solutions to Brands
- Rubicon Project Selected to Power Global Exchange for International Media Group, Future plc
- Evolve Media Further Strengthens Viewability Through Partnership with Moat