Slashdot Mirror


Malvertising Campaign Hits MSN, NY Times, BBC, AOL

An anonymous reader quotes an article on Help Net Security: In the last couple of days, visitors of a number of highly popular media outlets including the NY Times, the BBC, and Newsweek have been targeted with malicious adverts that attempted to install malware (mostly ransomware, but also various Trojans) on their systems. The websites themselves weren't compromised as the problem was with the ad networks these sites use -- Google, AppNexus, AOL, Rubicon. The ad networks were tricked into serving malicious ads to the visitors.

9 of 159 comments

  1. Ad Blocking by Anonymous Coward · Score: 5, Insightful

    And then they'll tell us to please unblock them so they can make money on our misfortune.

    1. Re:Ad Blocking by Sax+Russell+5449D29A · Score: 5, Insightful

      I always thought their pleas to unblock their sites should reflect reality: "Please let us serve you malware!"

      Malware distribution via ad networks is a very old and well-known scheme. It would be stupid not to block all ads. As no point can effectively be made without a car analogy: would you not wear your seatbelt if the owner of the road came to you with such a plea?

      --
      -SR
  2. And they wonder why I use an adblocker.... by QuietLagoon · Score: 4, Insightful

    I need to protect myself from their security incompetence.

    The websites themselves weren't compromised

    The ads appeared when I visited those websites, therefore it appears the websites are responsible for spreading the malware.

    1. Re:And they wonder why I use an adblocker.... by Aighearach · Score: 4, Insightful

      These companies forget why Google exists, why they are successful. In the 90s, there were 2 choices; use an ad aggregator and get lots of malware, or manage all the ads in-house and lose money because it isn't your core competency and is hard. Google was the one that didn't shop the ads out to fourth parties, they didn't let advertisers choose the HTML code. That meant no malware.

      Users who don't have their own protection will rightly blame the website who exposed them. The scammers basically "are" the NY Times. It is like signing an "online power of attorney" when you let external ad networks choose what HTML you'll serve from your site. They won't ask for that ability in the first place because they have good intentions. If they had good intentions, they'd just want to provide their media, instead of code.

      Not only are they responsible for what they serve, they explicitly chose to give these people the power to do this.

  3. So, Forbes, Wired, et al by Snotnose · Score: 4, Interesting

    wanna tell me again why it's wrong of me to run an ad-blocker? Try to use bigger words this time, cuz when you use the smaller ones I understand 100% what you're telling me and my Deja-Moo detector goes off.

    Deja-Moo - that feeling you've heard this bull before.

  4. Adblocker = Malware blocker by Anonymous Coward · Score: 5, Interesting

    Adblocker & related tools should change their marketing from 'helping you to block ads' to 'helping you avoid Malware/trojans etc.'... e.g. they should advertise & promote themselves as a 'security tool'... everything out of their mouths, on their website etc. should be focused on that use case. Any time some politician opens their mouth about how adblockers are 'stealing' or 'ruining' some business, the makers of adblocking tools should retort with statements about 'helping users' security' etc.

  5. By what definition were they not compromised? by Anubis+IV · Score: 5, Insightful

    The websites themselves weren't compromised as the problem was with the ad networks these sites use

    If you've configured your site to allow arbitrary content from unknown third-parties, your site is compromised by design. If the mere act of rendering the content that your site is sufficient to get malware, then, yes, your page is compromised. Doesn't matter if the source of the malware was in somebody else's ad service. If that service feeds data directly into your site that you then present to your visitors without any sort of vetting or filtering, then you've allowed that malware to compromise your site.

    Take responsibility, show some respect for your viewers, and stop making excuses. Vet your ads. Serve them from your own servers. Make them first-party. Compelling us to turn off ad-blockers to access your content while not taking steps on your end to protect us from malicious content is sloppy, negligent, and shows an utter and complete disregard for your customers.

  6. Re:Maybe by RavenLrD20k · Score: 5, Funny

    Has anyone found a Forbes Link on this? I can't search there because I won't turn off my ad-blocker and Forbes won't let me past their page requesting that I turn off the blocker. It just goes through an endless loop.

  7. Running Ad Blocker like running Antivirus by Chas · Score: 5, Insightful

    Seriously.

    Sure, some people can (and do) run for extended periods of time without getting compromised without ad blockers or AV.
    In the end, it's just a matter of time before they're infested.

    And yes, compromises on large ad networks like Google may be somewhat rare. But that doesn't help me when a website using their network gives me a drive-by install of Locky or something that totally hoses all my (or my company's) data.

    As such, there is NO negotiation about ad blocking. It's happening. PERIOD.

    Until the entire ad industry formulates an acceptable ad policy that people can live with, that DOESN'T pose a danger to its users, ad blocking will continue.

    Now content providers are free to take their ball and go home. I don't much give a shit. If given a choice between having my personal and company data destroyed/stolen and watching every content provider on the Internet crash and burn due to lack of ad revenue? Let the fuckers crash and burn!

    --
    Chas - The one, the only.
    THANK GOD!!!