[Infowarrior] - Major sites including New York Times and BBC hit by 'ransomware' malvertising

Richard Forno rforno at infowarrior.org
Wed Mar 16 07:16:50 CDT 2016


(So of course the trend is to force users to disable adblockers in order for the news site to allow this sort of crap to be forced on them.  Because, profits.  -- rick)

Major sites including New York Times and BBC hit by 'ransomware' malvertising

Alex Hern

http://www.theguardian.com/technology/2016/mar/16/major-sites-new-york-times-bbc-ransomware-malvertising

A number of major news websites have seen adverts hijacked by a malicious campaign that attempts to install “ransomware” on users computers, according to a warning from security researchers Malwarebytes.

The attack, which was targeted at US users, hit websites including the New York Times, the BBC, AOL and the NFL over the weekend. Combined, the targeted sites have traffic in the billions of visitors.

The malware was delivered through multiple ad networks, and used a number of vulnerabilities, including a recently-patched flaw in Microsoft’s former Flash competitor Silverlight, which was discontinued in 2013.

When the infected adverts hit users, they redirect the page to servers hosting the malware, which includes the widely-used (amongst cybercriminals) Angler exploit kit. That kit then attempts to find any back door it can into the target’s computer, where it will install cryptolocker-style software, which encrypts the user’s hard drive and demands payment in bitcoin for the keys to unlock it.

 
The New York Times is one of the high-profile websites affected by the attack. Photograph: Bloomberg via Getty Images
Such software, known as ransomware, is fast becoming the most popular kind of malware for criminals to install on compromised computers, beating out lesser threats such as adware or trojans. Earlier this month, the first Mac OS X ransomware appeared, as part of an infected installation of BitTorrent client Transmission.

While “drive-by” installations tend to only demand one or two bitcoins as a ransom, worth a few hundred pounds, more targeted ransomware attacks have demanded much more in payment. An LA hospital was revealed to have paid $17,000 (£12,000) in ransom to an attacker in February.

The vector of attack, through compromised ad networks, will also serve to inflame the debate around adblockers. The browser plugins have been attacked as a “modern-day protection racket” and criticised for harming the business model of free online publications, but users counter that they protect their devices from attacks of this sort, as well as making the web surfing experience faster, more pleasant, and less draining on mobile devices’ batteries.

--
It's better to burn out than fade away.



More information about the Infowarrior mailing list