Beware of Risky Ads on Tumblr

Beware of Risky Ads on Tumblr

Online users have come to rely on social media and social networking sites to also update them on current events and commentaries, general news, and what’s happening just down the street and around the corner.

Twitter and Facebook are the first go-to sites for most when it comes to real-time news updates. For some, Tumblr.

dailynewsz[dot]tumblr[dot]com

We found the above site posting what appears as news clips but not on a daily basis, as indicated in the URL, unfortunately. According to Google Translate, the site uses both Swahili and Urdu.

This site serves ads on its default page and on individual posts. So every time someone shares one, the ads are shared with it. Below is a screenshot of a post:

The supposed daily news page on Tumblr

click to enlarge

Online advertisement is a major source of revenue. Unfortunately, normal ads can easily become malvertisements, serving as a go-between for users and sites hosting malicious software.

For this particular Tumblr page, it uses the ad network Yllix Media. Google Safe Browsing profiled its official website here. Other third-party sites either blacklist the domain or flag it as untrustworthy due to its history of leading users to infected sites.

As of this writing, the ads are benign, but we may never know several months from now if this will still be the case.

Dear Reader, we encourage you to use ad blockers, such as AdBlock Plus (ABP) or NoScript (for Mozilla-based browsers only), if you don’t want ads to appear on sites you visit. I personally use Ghostery. If you’re not using one, please be wary of ads you click.

Malwarebytes Anti-Malware users are protected from malvertisements because of its Website Blocking feature. You can read more about this on “Oh, the Sites You Will Never See”, an extensive post written by our Malware Intelligence Lead, Adam Kujawa.

Jovi Umawing

ABOUT THE AUTHOR

Jovi Umawing

Knows a bit about everything and a lot about several somethings. Writes about those somethings, usually in long-form.