Malvertising, Ransomware and Ad Blockers

Posted: March 19, 2016 in Security

Chuck Talking Tech / by Chuck Bienenfeld


Disclaimer: I am a happy user of uBlock Origin. I use it primarily due to all the behind-the-scenes data tracking and system fingerprinting being done via JavaScript by the advertising, ISP and web communities. It also helps prevent ads from third-party sites, where malvertising so readily exists. I am also frustrated that our data is considered fair game and not ours to control as we see fit.

And now the return of the malvertisers. As recently reported in The Hacker News and Ars Technica, ransomware is being distributed on nationally noted sites such as The New York Times, BBC, MSN and AOL. In these cases the hackers bought the expired (2006) domain Brentsmedia and started placing fake ads. When a user clicks on these ads, they are taken to the hackers' malicious website. These malicious sites contain software kits that install ransomware that locks all the files on the user's system. At that point, without a backup of the files, the user is required to pay a ransom to get the key that unlocks the files. The ransom needs to be paid in bitcoins and can range from $300 to a recent exploitation of a hospital that cost $1700.

The bottom line is that we have to practice safe surfing with defense in mind. Use your computer as a limited user (see blog posting “Best Way to Protect Yourself is You”). Without admin privileges most programs cannot run or install without you providing a user name and password. Also hover over ads before clicking to make sure the site you're being directed to is the same as the ad. And lastly, for the foreseeable future use an ad blocker to block ads not being served from the site you're visiting and limit the data being collected.
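The hover check and the "not served from the site you're visiting" rule above, written out as an added JavaScript example (not part of the original post, and not how any particular ad blocker is implemented). The names `siteOf`, `reviewAdLink` and `shownDomain` are hypothetical, the "site" is approximated by the last two host labels, and the sample links are constructed.

```javascript
// Added example (not from the original post). Sample data is constructed.

// Assumption: the "site" is approximated by the last two host labels.
// Real blockers use the Public Suffix List, so hosts under suffixes such
// as co.uk are not handled correctly by this simplification.
function siteOf(host) {
  return host.toLowerCase().split('.').filter(Boolean).slice(-2).join('.');
}

// Review one ad link the way the post suggests doing by hovering:
// compare where the link really goes with what the ad shows and with
// the site being visited.
function reviewAdLink(pageUrl, ad) {
  const findings = [];
  let dest;
  try {
    dest = new URL(ad.href, pageUrl); // resolves relative links too
  } catch (e) {
    return ['unparseable destination'];
  }
  if (dest.protocol !== 'https:' && dest.protocol !== 'http:') {
    findings.push('non-web scheme ' + dest.protocol);
    return findings;
  }
  const pageSite = siteOf(new URL(pageUrl).hostname);
  const destSite = siteOf(dest.hostname);
  if (destSite !== pageSite) findings.push('third-party destination ' + destSite);
  if (ad.shownDomain && siteOf(ad.shownDomain) !== destSite) {
    findings.push('ad shows ' + ad.shownDomain + ' but links to ' + dest.hostname);
  }
  return findings;
}

// Constructed sample input; all hosts use reserved example domains.
const page = 'https://news.example.com/world/story.html';
const ads = [
  { shownDomain: 'shop.example.org', href: 'https://shop.example.org/sale' },
  { shownDomain: 'shop.example.org', href: 'http://cdn.example.net/r?id=1' },
  { shownDomain: 'news.example.com', href: '/subscribe' },
];
for (const ad of ads) {
  console.log(ad.href, '->', reviewAdLink(page, ad));
}
```

An empty result means the link stays on the site being visited and matches what the ad displays; it says nothing about whether the destination itself is safe.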

Please let me know of any other actions you have found that have helped in limiting your attack surface.

