Several prominent news outlets, including BBC, MSN, AOL, and the New York Times, have fallen victim to a series of malicious ads that attempt to impose malware onto the sites’ visitors.
According to Malwarebytes, other sites with similar coordinated malware attacks include sites like Newsweek, TheWeatherNetwork, and NFL.com.
While the total number of individuals impacted by these attacks is currently unknown, it has been said that some of the larger websites attacked have over 100 million visitors a month, leading experts to believe a campaign of this nature is likely exposing tens of thousands of site visitors over the past 24 hours alone.
Cyber criminals appear to be targeting high-traffic, trusted sites looking to trick site visitors to click on what’re generally trusted ads.
Malvertising occurs when cyber criminals create ads that appear legit, but in reality, the ad spreads malware throughout your entire computer by hiding a small piece of code deep in the script. Once the ads clicked, the computer is connected to the criminals’ servers, and the malware is downloaded.
This type of attack has grown in popularity over the past few years, with research from RiskIQ indicating a 300% increase between 2014 and 2015. This type of attack is relatively easy to execute and allows for even the most immature hackers to infect your systems. To date, the most common disguise in malvertising has been fake Flash updates.
These cyber criminals are also employing harmful ads to trick surfers to click on links and install ransomware, an increasingly profitable attack type that has been exceedingly affecting web users. In fact, a report released by Intel found that ransomware increased by 127% in the last year alone.
In 2015, malvertising gained popularity amongst cyber criminals as a common method for ransomware distribution, falling just behind that of phishing scams. This means of attack can strike at any time and is often placed into click-baiting articles on popular websites. Essentially, a user clicks on a video, article, etc., and suddenly becomes confronted with a screen stating all your files, photos, and encrypted data have been one-way encrypted and will be held ransom until a ransom fee is paid.
This newest malvertising campaign strategically avoids systems with common security software, and the malware itself requires weak versions of software to exploit. To that end, it’s important than web users maintain basic security hygiene and install security updates to better protect you.
From an enterprise standpoint, reliable threat intelligence needs to be implemented to disturb any malware that enters the arena. It’s important to implement a layered security approach to your IT estate, and by working with NNT, your organization will be able to adopt a ‘layered and integrated approach’ to security that incorporates the right process, methodology and set of tools in order to guard your IT environment against today’s ever-evolving threat landscape.
With NNT's Change Tracker Gen7, your organization will come equipped with File Integrity Monitoring, compliance management, system hardening, threat intelligence & security configuration management all powered by Intelligent Closed-Loop Intelligent Change Control, all working to make your IT estate as secure and compliant as possible.
Read this article on InfoSecurity Magazine