Thursday, 23 October 2014

Malvertising Campaign on Yahoo and AOL: Ransomware Got Spread



Some of the Internet's top websites and search engine pages were found to be serving malicious ads that spread ransomware to visitors' machines.

A total of 20 websites are believed to be infected in this campaign. It is also said that most of the infected visitors were those still using a vulnerable version of Adobe Flash Player. Proofpoint, the security firm that detected the campaign, said in a blog post that “the malvertisements silently ‘pull in’ malicious exploits from the FlashPack Exploit Kit.”
The infected website visitors installed CryptoWall 2.0, a nasty file-encrypting ransomware program.


For those who don't know, ransomware is a piece of software that locks or encrypts the files on your computer and does not let you decrypt them unless you pay some amount of money for the decryption key, in Bitcoin or something similar, over the internet.


CryptoWall is very destructive because it uses strong encryption and leaves users with almost no option to reliably recover their files aside from paying ransom. Restoring the files from backups is a possibility, if those backups weren’t also affected by the infection.


According to Proofpoint, the campaign started in late September and lasted over a month. The amount of money collected by this ransomware in this campaign, in Bitcoin, is $750,000. The firm named more than 20 popular websites in all that were affected by the malvertising campaign, including sites managed by The Sydney Morning Herald, Time Out magazine, and Weatherzone Australia. The number of people affected by this campaign is more interesting: million per day. Yes, you heard it right.


As in the case of most malvertising attacks, the sites themselves were not compromised. Instead, attackers managed to push malicious ads through at least three major advertising networks and exchanges: The Rubicon Project, Right Media (now Yahoo Ad Exchange) and OpenX.


“Proofpoint has proactively attempted to provide information to these networks, and as of Saturday, October 18th, we believe these networks to have taken action to address the issue,” the Proofpoint researchers said.

The malicious ads “passed through multiple parties including exchanges, optimizers, ad networks and websites, all without detection at any step,” the researchers said. “It is clear that site owners and ad distributors need to invest in more advanced tools to detect malicious advertisements that are embedded in the ad stream. In particular, site owners cannot and should not assume that the ad networks are taking care of this for them, and should proactively seek tools for online brand protection.”

To be on the safe side, you must keep Flash and your other browser plugins up to date, and also install plugins from secure and trusted sources.
