http://images.techhive.com/images/article/2015/05/malware_adware-100585483-primary.idge.jpg Credit: Thinkstock
Malware masquerading as advertising is a growing problem, and the ad industry must figure out how to weed out scammers from legitimate companies.
By:By Fahmida Y. Rashid
As the practice of delivering malware through online ads becomes increasingly popular among cyber criminals, the advertising industry has to rethink how it handles online advertisements.
In the month of August alone, researchers at the antivirus firm Malwarebytes have found and reported several so-called malvertising campaigns, including the big campaign that inserted malicious ads into the ad network used by Yahoo and its subsites, such as News, Finance, and Games. The same bad actor also tricked the ad network used by eBay. Similar campaigns impacted visitors to dating site PlentyOfFish and the media content site for Australian telecommunications provider Telstra this week, and the same ad network displayed malicious ads on MSN, Malwarebytes said.
The malvertising campaign that tripped up Yahoo.com visitors was the work of a Russian threat actor called Fessleak, said Patrick Belcher, director of security analytics at Invincea. Fessleak purchased video display advertisements via a real-time ad bidding network to target Yahoo visitors and infect them with click-fraud bots and deliver ransomware. It turns out Fessleak always includes Flash zero days in his campaigns, making it easier to target a large number of victims who would have no chance to patch those flaws.
The zero-day exploits from the Hacking Team, the maker of government surveillance software, breach becoming public last month "was a bonanza" for Fessleak, Belcher said. While Adobe has patched the vulnerabilities, users who have not yet applied the updates are susceptible to the attack.
full article
