New
#1
Another good reason to ban Internet advertising (and Flash).
"Old Media" should lobby the Government; "No one has ever caught PC malware from a newspaper ad."
SourceYahoo has shut down a massive malware campaign that may have affected millions of visitors to its sites.
Yahoo confirmed it had stopped the scheme, which began last week, which had been using Yahoo's ad network to infect end users PCs with malware. 'Malvertising', as it's known, is an increasingly common technique where an attacker essentially tricks an automated ad network into delivering malware embedded in ads. Malvertising is a silent killer because malicious ads do not require any type of user interaction in order to execute their payload. The mere fact of browsing to a website that has adverts (and most sites, if not all, do) is enough to start the infection chain," said Jérôme Segura, a senior security researcher at Malwarebytes, the security company that discovered the attack.
According to Segura, over nearly a week the malicious ads, which were served through ads.yahoo.com, redirected Yahoo visitors to several different domains that ultimately exposed them to the Angler exploit kit. Some of those redirect domains were hosted on Microsoft's Azure, the researcher noted.
Exploit kits contain attacks for flaws in widely-used browser plugins for Chrome, Firefox and Internet Explorer, such as Adobe's Flash Player, Oracle's Java, Microsoft's Silverlight, and others. Typically the exploits target computers running outdated versions of the plugins.
Researchers revealed last week that another exploit kit dubbed RIG was infecting machines at a rate of 27,000 per day, primarily using malicious ads and a cocktail of recent Flash Player flaws.
Another good reason to ban Internet advertising (and Flash).
"Old Media" should lobby the Government; "No one has ever caught PC malware from a newspaper ad."
Hi there
Actually not quite true -- well you can't get PC malware but you most certainly can get Scammed -- people have often replied via Newspaper ads to "Scams" etc -- in particular - "Ponzi Schemes" and Investment Boiler House schemes. There are all sorts of other Scams one could get lured into via a newspaper Ad. What about "Timeshares" on non existent properties etc etc.
Scams have been around since Man ever started trading -- it's just that it's probably easier to become a "Scamee" (i.e a Victim) much quicker using the Internet than by using other conventional ways of advertising.
The only way you could stop Scams is to ban TRADING of any sort -- That's just not going to happen.
Education is the only answer :
Remember "The Price of Education is expensive -- but the price of Ignorance is Astronomical". I don't know who first said that but it's even truer today than probably when that phrase was first coined.
I do agree though Non Static ads are HUGELY irritating -- I can live with some STATIC advertising on sites -- things do have to be paid for - but irritating the customer seems the wrong way to go about it - especially as it leads to POORER security too.
Cheers
jimbo
For very long time now I have Flash set to ask to initialize and don't have no Flash based live adds but at most leave black holes on screen. Wander if any of adds are made in HTML5 ?
Three programs that I keep off my computers are Adobe Acrobat, Java and Adobe Flash. Prevents a lot of problems.
How do you tell if your infected or not? The way I back-up recently may have saved me. However, I may need to re-do a clean install of 10 and delete the backup image of windows 10. Firefox defaults to yahoo for search results.
There's no guarantee that you will be infected, odds of getting infected are not great. Some unusual activity may suggest infection but there are many other more dangerous things. Malwarebytes and others like that can detect and clean, I also use Advanced cleaner and Avast Browser Cleanup.
FF can be set to use Google and other search engines by default.