Security Market Segment LS
Friday, 18 March 2016 10:40

Malvertising hits BBC, Newsweek, NYT and MSN Featured


Links to malware inside online advertising bypassed the security systems of the advertising serving companies and distributed ransomware to unsuspecting ‘link clickers’.

Earlier this week major websites including BBC, Newsweek, New York Times and MSN ‘hosted’ malvertising on their sites that has been credited as the largest of attack of its type for two years. Previously Google’s DoubleClick and Zedo ad servers were ‘infected’ and YouTube, Amazon and Yahoo websites used advertisements served from them.

Although ad serving networks try to filter out malicious ones, occasionally altered ones’ slip in. On a high-traffic site, this means a large pool of potential victims. Websites that serve the ads are usually unaware of the problem.

AppNexus, one of the ad servers said it has an anti-malware detection system called Sherlock it uses to screen ads and also uses a filtering product from a third-party vendor. "We devote considerable financial resources to safeguarding our customers. Unfortunately, bad actors also invest considerably in developing new forms of malware,” said Josh Zeitz, vice president of communications.

The client websites were not at fault. Cybercriminals made copies of advertisements where links had been altered to infect users with ransomware. These copies were placed in legitimate advertising publishing companies and served to websites.

Security company Flexera estimates that tens of thousands of computers have been exposed which means some may have been infected with malware or file-encrypting ransomware. Also, the advertisements connected with servers hosting the Angler exploit kit that tries to find software vulnerabilities on a computer to deliver malware.

Steve Schmidt, VP of Corporate Development at Flexera Software said, “While this story is more spectacular than most because the targets are high-profile news sites, it illustrates precisely why software vulnerability management is a prerequisite for risk reduction. The majority of successful cyber attacks against organisations worldwide use known software vulnerabilities to gain access or escalate privileges inside corporate IT infrastructures. Once hackers have successfully exploited a vulnerability, they have the base to roll out their attack, moving around systems, collecting information, and deploying malware to steal or destroy business-critical information or cause disruption.”

Schmidt says that software vulnerability management is key in mitigating this risk. “For organisations, the best starting point to protect their data is to implement software vulnerability management tools to close those entry points, before they can be exploited. The right set of tools provides timely, relevant and comprehensive intelligence from a trusted source about vulnerabilities discovered and disclosed every day that could impact the environment; and it enables IT teams to act on that information – either by applying a tested security patch, or applying workarounds like sectioning off the vulnerable application from business critical data. Well implemented Software Vulnerability Management processes effectively reduce the attack surface for cybercriminals and hackers, consequently reducing the risk of security breaches.”


Another day, another exploit. Death and Taxes are no longer the two things you can be sure of. Most anti-virus/malware companies picked up on this story and most thankfully updated detection definitions. I found an interesting article on malvertising at Trend titled ‘Malvertising – when online ads attack.

Malwarebytes also has a blog post here that shows that Google, AppNexus, AOL and Rubicon ad servers were affected.

Of course you have to click to install - human error again.


Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has high potential to be exposed to risk.

It only takes one awry email to expose an accounts payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 steps to improve your Business Cyber Security’ you will learn some simple steps you should be taking to prevent devastating malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you will learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips



iTWire can help you promote your company, services, and products.


Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]


Ray Shaw

joomla stats

Ray Shaw [email protected]  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!



Recent Comments