
Friday, October 24, 2014

Malware in Ad Networks Infects Visitors and Jeopardizes Brands - One more good reason to Block Ads on the Internet

One more good reason to block ads online! "CryptoWall then encrypts the end-users’ hard drive and will not allow access until the victim pays a fee over the Internet for the decryption key". Check out this detailed article, below. I haven't had a reason to try this out. But there is a site that could help you decrypt your files if you did fall victim to CryptoLocker. FireEye and Fox-IT have partnered to provide free keys designed to unlock systems infected by CryptoLocker. Go here, and check out more info in the links at the bottom too...


Malware in Ad Networks Infects Visitors and Jeopardizes Brands

Posted: Wednesday, October 22, 2014
By Wayne

In the past few days, researchers at Proofpoint have detected numerous high-traffic websites hit by a malvertising campaign. These websites include various properties in the Yahoo,, and AOL domains, among others, potentially exposing as many as 3 million visitors per day and generating an estimated US$25,000 per day for the attackers.

PART I:  Overview of a malvertising campaign

What is Malvertising?

As we described recently, Malvertising attacks use online advertising channels to infiltrate malware into the computers of unsuspecting users by embedding malicious code within legitimate advertisements on trusted websites. There is no visible indication that the trusted site is compromised: simply by visiting a site, users can get infected via “drive-by download”. Malvertising attacks are particularly hard to detect because most advertising on trusted sites comes from a variety of ad networks – different visitors will see different ads from different places, not all of which will be malicious. Malvertising attacks are a growing problem; research shows that billions of malicious advertisements are being served each year. Malvertising attacks are especially virulent for two reasons. First, leveraging the online ad network gives attackers the ability to target specific groups; attackers can ensure infection across a designated demographic or targeted set of audiences. Second, because there are so many players in the supply chain through which a given advertisement passes, attackers can more easily avoid detection.

The impact of Malvertising is not limited to end-users; the publishers and advertisers are also victimized to the extent that they are exposed to brand damage: end-users are unaware of the distinctions between sites, networks, and stolen ad creative content. As more and more business-related sites carry ads, and attackers increasingly leverage the online ads ecosystem to target users, the security implications of malvertising are significant for publishers and Enterprises alike.

What did Proofpoint detect?

Without having to click on anything, visitors to the impacted websites may be stealthily infected with the CryptoWall 2.0 ransomware. Using Adobe Flash, the malvertisements silently “pull in” malicious exploits from the FlashPack Exploit Kit. The exploits attack a vulnerability in the end-users’ browser and install CryptoWall 2.0 on end-users’ computers. Similar to the behavior of other “ransomware,” CryptoWall then encrypts the end-users’ hard drive and will not allow access until the victim pays a fee over the Internet for the decryption key. Typically, the end-users face an escalating time deadline; failure to pay by the deadline results in their hard drives being permanently encrypted, thus rendered effectively useless, with all information inaccessible.

Which websites were impacted?


Encrypt and Decrypt or Digitally Sign files via GnuPG GUI and other methods as well
FireEye - Fox IT Scanner
How to PGP encrypt, decrypt or digitally sign files via GnuPG GUI - Xmodulo
DEFCON 16: Malware RCE: Debuggers and Decryptor Development - YouTube

VirusTotal is a free service that analyzes suspicious files and URLs
How to Make a Quick and Easy Online Antivirus Check of a File or App Before Downloading it
VirusTotal - Free Online Virus, Malware and URL Scanner
VTchromizer - VirusTotal
VTzilla :: Add-ons for Firefox
VTzilla - VirusTotal

CryptoLocker Ransomware Information Guide and FAQ
Cryzip Ransomware Trojan Analysis
How to Clean and Protect Your Android Device Against Ransomware
How to Deal with the Ransomware Called CryptoLocker
IntelCrawler - Multi-tier Intelligence Aggregator - Copycat ransomware demands cash to unscramble files
Latest ransomware, Cryptolocker, hits systems and pocketbooks hard - TechRepublic
Massive botnet takedown stops spread of Cryptolocker ransomware - Computerworld
Ransomware 2.0 Comes to America
Ransomware Crooks Offering Customer Service
Ransomware hits admin workstation and kills 7 servers
Ransomware leverages victims' browser histories for increased credibility - Computerworld
Ransomware Removal - YouTube
The FBI locked your computer? Watch out for new spins on ransomware | TechRepublic
What Ransomware is and How to Deal with It
Ad Blockers, Web Browser Addons
Adblock Plus: Save your time and traffic
Known Adblock Plus subscriptions
Adversity Adblock List
Adblock Plus Pop-up Addon
AdBlock for Google Chrome now stops ads before they download
Element Hiding Helper
Adblock Plus :: Firefox Add-ons
Adblock Plus Filter Uploader Add-ons for Firefox
Adblock Plus Watcher Add-ons for Firefox
Adblock Plus :: Add-ons for Firefox
Meet the Speed DNS Developer :: Add-ons for Firefox
Search Add-ons Add-ons for Firefox
Adblock Plus :: Add-ons for Thunderbird
Chrome Web Store - Adblock Plus for Google Chrome™ (Beta)
Chrome Web Store - AdBlock
Virus info Linux and Windows
Antivirus scan for 5cb14d0745d7b09bcbeba3114cc06c5f at UTC - VirusTotal
avast! blog » Linux Trojan “Hand of Thief” ungloved
avast! Linux Home Edition
best security list 2013 - Search on DonsDeals Blog
Best Security List - Google Custom Search on DonsDeals Blog
best secutriy list - Google Custom Search on DonsDeals Blog
Clam AntiVirus
ClamWin CD/USB - HowTo
Comodo - Google Search
Computer worm - Wikipedia, the free encyclopedia
crafted.win32file.ols - Google Search
CrowdStrike: HTTP iframe Injecting Linux Rootkit
DonsDeals: Avast! AntiVirus For Both Window and Linux Home Edition
DonsDeals: BBC NEWS | Programmes | Click | BBC team exposes cyber crime risk
DonsDeals: Best Free Rootkit Scanner/Remover
DonsDeals: Conficker Worm Called An Epidemic
DonsDeals: CrowdStrike - HTTP iframe Injecting Linux Rootkit (Vrius info)
DonsDeals: Download Comodo System-Cleaner
DonsDeals: Facebook Users Targeted By Fake Virus Alert
DonsDeals: Firewall & Antivirus Software Suite - Internet Security | Comodo
DonsDeals: Free Agent: Linux Firewalls and Antivirus--Needed or Not? - PCWorld
DonsDeals: Free Desktop PC Security - Free Downloads Keep your PC Safe | Comodo
DonsDeals: Immunet v2 update on the way: adds multi-engine malware and virus scanning to cloud-powered core
DonsDeals: Jotti's malware scan
DonsDeals: Linux users be Aware of this Trojan - Hand of Thief malware could be dangerous (if you install it) - TechRepublic
DonsDeals: M86 Security Finds URL Filters Anti Virus Scanners Ineffective
DonsDeals: New Kneber Botnet Tied To 75 000 Systems
DonsDeals: PC Hell: Free RootKit Removal Tools and Software
DonsDeals: Privacy = Security and Security = Privacy...
DonsDeals: Probably the best free security list in the world
DonsDeals: Probably the Best Free Security List in the World
DonsDeals: Probably the Best Free Security List in the World - Updated 28. August 2012
DonsDeals: Re: Viruses now penetrating deeper | Tech News on ZDNet
DonsDeals: Setting up Avast Antivirus to Protect your Windows PC...
DonsDeals: TDL4 MBR Rootkit Virus Alureon TDSS Removal by Britec - YouTube
DonsDeals: The first Linux botnet? | ITworld
DonsDeals: There are Viruses, Trojans, Worms and Rootkits, that can infect a Linux OS
DonsDeals: Trinityhome : New TRK 3.4: easier than ever before
DonsDeals: Updated Conficker Ropes Victims into Rogue Antivirus Scam
DonsDeals: - Free Multi-Engine Online Virus Scanner v1.02, Supports 37 AntiVirus Engines!
Download Enhanced Mitigation Experience Toolkit 4.1 from Official Microsoft Download Center
Download RogueKiller (Official website)
Download System-Cleaner
Firewall & Antivirus Software Suite - Internet Security | Comodo
Free Antivirus for Windows - Open source GPL virus scanner
Google Translate -
Hand of a Thief malware targets Linux users’ bank accounts | Apps and Software |
Hand of Thief malware could be dangerous (if you install it) - TechRepublic
How to Detect Rootkits on a Computer |
Jotti's malware scan
KlamAV - ClamAV for KDE | Free Development software downloads at
klamav - Google Search
KlamAV GUI Screen Animation
Linux Today - Hand of a Thief malware targets Linux users' bank accounts
Linux Virus - Google Custom Search on DonsDeals Blog
'Neverquest' trojan threatens online banking users - Computerworld
New Linux Rootkit Emerges | threatpost
News | VirusBlokAda
Online banking faces a new threat - Securelist
online virus scan file upload - Google Search
Powerful Free Microsoft Security Tool EMET has Been Updated
Probably the Best Free Security List in the World
Remote PC through VPN Access - Secure Remote Access | Comodo
remove sasser virus - Google Search
RogueKiller - CNET
rootkits computer - Google Search
Rootkit - Wikipedia, the free encyclopedia
Search results for Gizmo's Freeware website
The Rootkit Hunter project
trinity - Google Search
Trojan horse (computing) - Wikipedia, the free encyclopedia
trojans computer - Google Search
Trojans - Google Search
trojan.tdss-7762 - Google Search
Trojan - Trojans and Viruses in Computer Networking
Unhide homepage - Welcome - Free Multi-Engine Online Virus Scanner v1.02, Supports 36 AntiVirus Engines!
wine gecko - Google Search
WinPlanet Downloads for Windows Desktop Utilities
worms computer - Google Search
Neverquest Trojan: Built to Steal from Hundreds of Banks | We use words to save the world | Kaspersky Lab Official Blog
Neverquest banking malware more dangerous than Zeus trojan - TechRepublic
Security firm IDs malware used in Target attack - Computerworld
A First Look at the Target Intrusion, Malware — Krebs on Security
IE10 under attack as hackers exploit zero-day bug - Computerworld
Adobe Releases Fix for Two Shockwave Player Vulnerabilities | Digital Trends
How to Protect Your Linksys Router from TheMoon Malware | Digital Trends
New Malware Targets Linksys Routers
Surviving the Death of Windows XP
What you need to do about Heartbleed - Computerworld
Fake Antivirus Targets Firefox | PCWorld
Remove Fake Microsoft Security Essentials Alert by Britec - YouTube
Adobe patches critical flaws in Flash Player and AIR - Computerworld
