Computers-Hacking
See other Computers-Hacking Articles
Title: My browser visited Weather.com and all I got was this lousy malware [also Drudge, Wunderground, Yahoo]
Source:
Ars Technica
URL Source: http://arstechnica.com/security/201 ... -i-got-was-this-lousy-malware/
Published: Aug 15, 2015
Author: Dan Goodin
Post Date: 2015-08-15 11:27:29 by Tooconservative
Keywords: None
Views: 21545
Comments: 77
Millions of people visiting weather.com, drudgereport.com, wunderground.com, and other popular websites were exposed to attacks that can surreptitiously hijack their computers, thanks to maliciously manipulated ads that exploit vulnerabilities in Adobe Flash and other browsing software, researchers said. The malvertising campaign worked by inserting malicious code into ads distributed by AdSpirit.de, a network that delivers ads to Drudge, Wunderground, and other third-party websites, according to a post published Thursday by researchers from security firm Malwarebytes. The ads, in turn, exploited security vulnerabilities in widely used browsers and browser plugins that install malware on end-user computers. The criminals behind the campaign previously carried out a similar attack on Yahoo's ad network, exposing millions more people to the same drive-by attacks. Update: A few hours after Ars published this article, Malwarebytes updated the blog post to say the campaign had moved to yet another ad network, which happens to be associated with AOL. Visitors to eBay were among those who were exposed to the malicious ads distributed through the newly discovered network. Malvertising is a particularly pernicious form of attack because it can infect people who do nothing more than browse to a mainstream site. Depending on the exploit, it can silently hijack computers even when visitors don't click on links. Some browser makers have responded by implementing so-called click-to-play mechanisms that don't render Flash or Java content unless the end user actively permits the plugin to run on a particular site. Some users have resorted to ad blockers, which have the unfortunate side effect of depriving publishers of much-needed advertising revenue. The campaign used against the AdSpirit and Yahoo networks connected to servers run by Microsoft's Azure service. Ultimately, the booby-trapped ads led to attack code distributed through the Angler exploit kit, a software package sold on the black market that makes it easy for criminals to exploit vulnerabilities in Flash, Java, and other software. The AdSpirit attacks were particularly hard to trace because most of the websites involved in the attack were using the transport layer security protocol to obscure the address and encrypt the data. There's no indication the attacks were exploiting vulnerabilities in fully patched software. That underscores the importance of installing security updates as soon as they become available. 
Poster Comment:
Install adblockers to be more secure. Ad Block Plus is the classic extension most people use. It has started to allow some "safe non-abusive" ads to slip through. So, after years of being loyal to ADP, I gave it up and moved to uBlock Origin 1.0.0.1 recently.(1 image)
Post Comment Private Reply Ignore Thread
Top • Page Up • Full Thread • Page Down • Bottom/Latest
Begin Trace Mode for Comment # 14.
Install adblockers to be more secure. Ad Block Plus is the classic extension most people use. It has started to allow some "safe non-abusive" ads to slip through. So, after years of being loyal to ADP, I gave it up and moved to uBlock Origin 1.0.0.1 recently.(1 image)
Your lite-weight recommendations for surfing the web are not just silly but invites further intrusion into one's privacy.
#2. To: buckeroo (#1)
Pardon me if I think your opinion is worthless.
Adblockers have proven their value over and over at resisting malware and reducing network congestion. It isn't even debatable among tech types.
#3. To: TooConservative (#2)
You don't need ad blockers. You need a REAL browser.
#4. To: buckeroo (#3)
You don't need ad blockers. You need a REAL browser.
What "real browser" are you using that is malware-resistant without adblockers/NoScript/Ghostery/etc.?
Lynx?
Name this browser.
#7. To: TooConservative (#4)
Name this browser.
anonymous
#11. To: buckeroo, TooConservative (#7)
anonymous
TOR with TAILS (thumb)?
#12. To: nolu chan (#11)
TOR with TAILS (thumb)?
Tor is horribly slow to start with, even more so if you allow all the ads and scripts to load. And Tor doesn't do anything to protect you from browser attacks, either from malicious websites or hacked ad server networks.
Can't be Tor.
#13. To: TooConservative (#12)
Tor is horribly slow to start with, even more so if you allow all the ads and scripts to load. And Tor doesn't do anything to protect you from browser attacks, either from malicious websites or hacked ad server networks.
Tor with Tails on a thumb drive leaves your computer totally immune. How does it get attacked?
#14. To: nolu chan (#13)
Tor with Tails on a thumb drive leaves your computer totally immune. How does it get attacked?
I'm not sure where you read that but it isn't true.
Even assuming that Tor was secure and anonymous, it does nothing to protect your browser from malicious websites and hacked ad server networks. Nothing, nada. No more than using VPN or other proxies protect you from server-based attacks.
Replies to Comment # 14.
#15. To: TooConservative (#14)
Tor with Tails on a thumb drive leaves your computer totally immune. How does it get attacked?
I'm not sure where you read that but it isn't true.Even assuming that Tor was secure and anonymous, it does nothing to protect your browser from malicious websites and hacked ad server networks. Nothing, nada. No more than using VPN or other proxies protect you from server-based attacks.
If I'm running an operating system on a thumb drive, what are you hacking besides the thumb drive?
TAILS - The Amnesiac Incognito Live System. No new programs. No saves. Upon shutoff, it leaves a completely blank slate of all history. It worked for Edward Snowden. Apparently, it works for Glenn Greenwald.
http://www.theverge.com/2014/4/29/5664884/this-is-the-most-secure-computer-you-ll-ever-own
[extract]
In exchange for all the troubleshooting, you get an unusual kind of anonymity. Keeping the operating system on a disk means you’re operating independent of the computer, picking nothing up and leaving nothing behind. It also makes your setup portable. You can launch Tails from an internet cafe and know that none of the programs on the public computer will get in the way of what you’re doing. The new versions of Tails will even hide you within a local network, randomizing the computer’s MAC address to make you even harder to track. None of the methods are completely impenetrable, but together they add up to a major headache for anyone trying to follow you across the web.
End Trace Mode for Comment # 14.
Top • Page Up • Full Thread • Page Down • Bottom/Latest
[Home] [Headlines] [Latest Articles] [Latest Comments] [Post] [Mail] [Sign-in] [Setup] [Help] [Register]