Cyber criminals are infecting major websites with malware now a days. Over last weekend, several websites like New York Times, BBC, MSN, Answers.com, AOL.com and thousands of other sites infected by cyber criminals to serve malicious ads to visitors. Tens of thousands of users clicking on the ads ended up on sites that launched automated attacks against their computers using the Angler exploit kit.
The Angler exploit kit, once infected, will either install the TeslaCrypt ransomware or Bedep Trojan. In other words, users either found their files locked and held for ransom, or got a flood of other malware on their system.
While malicious ads are not a new phenomenon, the newly found infections are alarming. Most big ad networks have good security mechanism to deal with them but cyber criminals always find ways and means to bypass these security checks.
In the latest malvertising infections, security firm Trustwave found that the hackers bought expired domains of legitimate online marketing companies. They then used those domains to appear as valid businesses and purchase ad space on a huge number of ad networks, including Google’s DoubleClick, Adnxs, Rubicon, AOL, AppNexus and Taggify.
The hackers installed these codes in the ads on big domains to infect views with malware. The code had a unique feature to avoid infection on machines that had specific anti virus tools installed. The malware would then look of weak spots including out-of-date browsers and old versions of Adobe Flash, Java, Silverlight and other browser plug-ins.
One of the best ways to protect your computer against any virus/malware including the one above is to keep your browser and your computer’s operating system updated with the latest patches. Also keep your antivirus software updated with latest virus definitions. This leaves fewer security holes for hackers to break through.
You should also update any browser plug-ins you use, such as Adobe Flash or Java. Even better, uninstall these plug-ins or set them to only run when you allow it.
If an attack makes it through your browser, you want to make sure it doesn’t get much farther. Switching your Windows account from an administrator account to a standard account keeps most viruses from installing and immediately eliminates 86 percent of the threats out there.