Mainstream websites, including those published by The New York Times , the BBC, MSN, and AOL, are falling victim to a new rash of malicious ads that attempt to surreptitiously install crypto ransomware and other malware on the computers of unsuspecting visitors, security firms warned. The tainted ads may have exposed tens of thousands of people over the past 24 hours alone, according to a blog post published Monday by Trend Micro. The new campaign started last week when “Angler,” a toolkit that sells exploits for Adobe Flash, Microsoft Silverlight, and other widely used Internet software, started pushing laced banner ads through a compromised ad network. According to a separate blog post from Trustwave’s SpiderLabs group, one JSON-based file being served in the ads has more than 12,000 lines of heavily obfuscated code. When researchers deciphered the code, they discovered it enumerated a long list of security products and tools it avoided in an attempt to remain undetected. “If the code doesn’t find any of these programs, it continues with the flow and appends an iframe to the body of the html that leads to Angler EK [exploit kit] landing page,” SpiderLabs researchers Daniel Chechik, Simon Kenin, and Rami Kogan… Read full this story
- 'Madden 19' Patch Notes: September Title Update Adds New Celebration Dance, Rules Changes
- Video of 'swimming' tarantula at Big Bend Ranch spooks Texans
- ‘Are you on crack?’ Newsom attack ad is deceptive
- The Next Big Internet Threat
- M&M's new Nutella-flavor candy means big business for Tennessee
- Hurricane Michael to hit Panama City Beach, then spread winds and rain north to Columbus
- New York Today: Could Hurricane Florence Hit New York?
- Updating the shallow ‘dug’ water well can help N.H. avoid arsenic
- Attack ads and a big mistake: The national election comes to town
- Burrow's big game leads No. 5 LSU past Ole Miss, 45-16
- Kansas City Chiefs at New England Patriots: Live updates and analysis
- Updating the shallow 'dug' well for the modern world
Big-name sites hit by rash of malicious ads spreading crypto ransomware [Updated] have 321 words, post on arstechnica.com at March 15, 2016. This is cached page on CHUTEU. If you want remove this page, please contact us.