Tits and ads: Malware-riddled banners stiff X-rated websites
An ongoing malvertising campaign that began in August by targeting Yahoo.com, MSN.com and other websites visited by millions of people has expanded to hit smut sites as well.
Many porn websites have been fingered with tainted advertisements via an ad network called TrafficHaus, a big player in supplying ads to adult networks.
Surfers visiting xHamsters and other popular grumble flick sites were in the firing line of attacks using the Angler Exploit Kit, ultimately geared towards planting malware onto systems running outdated versions of Internet Explorer.
“The malicious advert – served by TrafficHaus – was for a dating application called ‘Sex Messenger’ and was displayed often enough that we were able to reliably reproduce the infection in our lab, something that isn’t always feasible when it comes to malvertising,” web security firm Malwarebytes reports.
TrafficHaus was quick to stop the initial assault, but this has been followed up by another tainted ad attack slinging browser-based ransomware (browlock) at surfers frequenting xHamster. The ransomware page came from TrafficHaus, according to Malwarebytes.
“This latest example is a reminder that malvertising does not always equate to malware infections via exploit kits,” Jérôme Segura, senior security researcher at Malwarebytes, explains in a blog post.
“In fact, a very large portion of malvertising attacks push fraudulent pages (FBI browserlock ransomware, tech support scams, fake surveys, etc) because they can affect all platforms, and especially mobile users,” he added.
“Those sites are typically harmless, but display alarming messages and annoying pop-ups preventing users from closing their browser easily,” he concluded. ®
Bootnotes
Sex Messenger is an application to meet up with other adults. The program itself does not appear to be malicious as such, according to Malwarebytes.
Sponsored:
Go beyond APM with real-time IT operations analytics
Article source: http://go.theregister.com/feed/www.theregister.co.uk/2015/09/25/smut_site_tainted_ad_campaign_ie/