Malvertising in plain sight | Avast

An elaborate and sophisticated criminal operation like something out of an Oceans 11 sequel has just been uncovered, and the caper here is mass malvertising. While investigating exploit kits, security researchers stumbled upon an operation where criminal activity abused the legitimate online advertising industry to spread trojans, ransomware, and more.   

The key figure in this malicious campaign is a user known as Master134. This user has hacked over 10,000 WordPress-based websites, stealing their traffic. He or she (or they) then sold this traffic to the legitimate ad network AdsTerra. The ad network, in turn, sold the traffic to resellers, as is industry standard. The resellers then proceeded to sell the traffic to the highest-bidding advertisers. In the case of Master134’s stolen traffic, the “advertisers” who outbid the rest were always cybercriminals posting infected ads. As the info has just come to light, the malvertising campaign threatening users is still in full swing.

Avast security evangelist Luis Corrons believes online advertisers should be held accountable for their content. “A content check should be performed by the ad network, on both the advertisements and the landing pages,” adding that background checks on the publishers and legally binding contracts threatening high fines would help the matter.

Avast recommends:

  1. Protect yourself from this kind of threat with an ad blocker. Not only do ad blockers keep the malvertising at bay, they also help pages load faster and minimize the distraction on your screen. Avast Adblock is a feature included in the free Avast Secure Browser, the only browser built for privacy by security experts.

  2. Always use an antivirus. No matter how malware approaches your system — through malvertising or otherwise — an effective antivirus will see it coming and block it. You can download and install the award-winning Avast Free Antivirus and put all worries about malvertising to rest. 

*** This is a Security Bloggers Network syndicated blog from Blog | Avast EN authored by Avast Blog. Read the original post at: