April 21, 2015 | BY
Discovering a new vulnerability in a popular piece of software is the Holy Grail for cybercriminals. The period between this vulnerability being weaponized into an exploit and becoming public knowledge poses a huge security risk to consumers and businesses. During this time, a completely open window of attack exists because even fully patched systems are affected. This is a zero-day.
April 16, 2015 | BY
A few days ago, we blogged about a malvertising attack on the HuffingtonPost website via a major ad network which took advantage of a vulnerability in the Flash Player. This campaign was stealth and did not last long thankfully, but another major attack was also being carried on around the same time, most likely by the same gang.
April 13, 2015 | BY
Malvertising continues to be one of the biggest and most effective infection mechanism which, for the most part, is based on rogue advertisers inserting malicious ads in the machine. We wrote several stories about this subject, but today, we wanted to get into a particular concept that is behind all of this called real-time bidding (RTB).
April 13, 2015 | BY
Malicious advertising attacks (malvertising) have been plaguing mainstream sites and their visitors a lot these past few years. While some are easy to spot and get rid of, others tend to be much more sophisticated and hard to shine light on. This past Saturday, we discovered a malicious advert that was displayed on huffingtonpost.com and that was used to deliver the Cryptowall ransomware via a Flash exploit.
February 24, 2015 | BY
We’re on a bit of an educational push here at Malwarebytes with the aim of helping Internet users become a bit more aware of the latest tricks that criminals are using to catch you out. Hopefully, this means you will be a bit safer online.
Today’s post takes a closer look at ‘malvertising’.
January 8, 2015 | BY
Cyber criminals are wreaking havoc on unpatched computers with this latest and the largest malvertising campaign in 2015 so far.
November 20, 2014 | BY
When it comes to online threats, these days website ads could be considered a grey area. For the majority of site owners providing free services or content, they’re good to have because they generate revenue from visits and clicks. For normal site visitors, they (we) have learned to gloss over the ads at best. Regardless […]
November 19, 2014 | BY
The commonly seen advertising known as Mindspark offers a lot of toolbars that are classified as PUPs. In this article we discuss some of the reasons why and show you how to avoid and remove them.
November 5, 2014 | BY
How far will the bad guys go to disguise a malvertisement attack? They are now using browser cookie to deliver malware.
September 30, 2014 | BY
Unfortunately, another incident where DoubleClick is part of the advertising chain has happened again.
September 27, 2014 | BY
The Pirate Bay is famous for its tumultuous relationship with copyright advocates and law enforcement. And yet, despite police raids and numerous trials, the torrent site is still going strong with a new infrastructure, as detailed in a recent article published by Torrent Freak. From a security standpoint, The Pirate Bay has been involved in notorious malvertising attacks, […]
September 18, 2014 | BY
Earlier today we warned people that both The Times of Israel and The Jerusalem Post were affected by a malvertising attack. It appears that this is a much larger and ongoing campaign that is affecting a number of other popular websites including doubleclick.net and Zedo.
September 18, 2014 | BY
Our honeypots just caught malicious activity coming out of The Times of Israel and The Jerusalem Post, popular online newspapers, which turned out to be an interesting case of malvertising.
August 14, 2014 | BY
Users of this social networking site are on a precarious position when we see pages using ad networks involved in malvertisement in the past.
July 22, 2014 | BY
PUPs are sneakily bundling themselves with legitimate software.
July 11, 2014 | BY
PUPs aka potentially unwanted programs continue to be a real nuisance.
June 26, 2014 | BY
A malvertising campaign employing stealthy methods of infection ‘double dips’ to make a profit and exploit their victims.
February 10, 2014 | BY
Aggressive online ads are redirecting mobile users to App Store or Play Store download page.
February 3, 2014 | BY
Popular DNS resolution service OpenDNS was targeted for a malvertising attack affecting a certain percentage of its user base.