Did You Visit The Huffington Post Web Site Last Week?

CNN is reporting that visitors to HuffPo and several other major sites last week might have caught a virus from malware infected Advertisements.

The malware only infected Windows PCs and only those running Internet Explorer 8 (does anyone really use IE any more?).  Even though IE11 is the current version of IE, according to CNN, IE8 is the most used version.

The ads were served by AOL’s ad network at least between December 31 and January 5, but may go back as far as October.

AOL refused to say how many times they served up the poison ads.  Perhaps they are worried about lawsuits, maybe?

BTW, you did not need to click on the ad to be infected.

The good news is that this malware does not actually encrypt your files, it just blocks your access to them, so there are ways to get your data back without paying the ransom.

This does point out some of the nasty side of online advertising.  The ad networks are moving so many ads and the ads are so dynamic that nobody is actually looking at the ads.  This particular piece of “malvertising” redirected the content 8 times until it arrived at a server in Poland that served up the malware.

Apparently, every single visitor to HuffPo during this time window was served up the ad.

Malvertising is becoming a bigger problem all the time and as people close down other attack vectors, this one may become more popular.

One reason it is such a problem is that most of the ads are active meaning code is executed when the ad is displayed without the user clicking on anything.  If the device is susceptible to the malware, it auto-magically becomes infected.  No muss, no fuss, no bother.

If the malvertising is covert, it could just lay in wait on your computer only doing something when told or when the computer is idle or at 2:00 in the morning or whatever.  You likely wouldn’t know unless you anti-malware software catches it.

Nice, huh?

NOTE: while HuffPo got caught up in this last week, this is not really a HuffPo problem but rather a general issue with online advertising.  The malware isn’t even resident on HuffPo’s site. Over the years, many sites have been the victim of this and it is only getting worse.  The sites are just trying to make a few bucks while giving away content.  There is nothing that HuffPo or anyone else is doing wrong;  it is something that the online advertising industry is going to have to figure out and other than going back to static, text based ads (can you say FAT CHANCE!), there is not an easy answer.

Mitch

 

Facebooktwitterredditlinkedinmailby feather