One more good reason to Block Adds Online! "CryptoWall then encrypts the end-users’ hard drive and will not allow access until the victim pays a fee over the Internet for the decryption key". Check out this detailed Article, below. I haven't had a reason to try this out. But, there is a Sight, that could help you Decrypt your Files, if you did fall Victim to CryptoLocker. FireEye and Fox-IT have partnered to provide free keys designed to unlock systems infected by CryptoLocker. Go here, https://www.decryptcryptolocker.com/. And check out more info in the links at the bottom too...

Don

Malware in Ad Networks Infects Visitors and Jeopardizes Brands

Posted: Wednesday, October 22, 2014
By Wayne

Share Share on facebook Share on twitter Share on email Share on gmail More Sharing Services

In the past few days, researchers at Proofpoint have detected numerous high-traffic websites hit by a malvertising campaign. These websites include various properties in the Yahoo, Match.com, and AOL domains, among others, potentially exposing as many as 3 million visitors per day and generating an estimated US$25,000 per day for the attackers.

PART I: Overview of a malvertising campaign

What is Malvertising?

As we described recently, Malvertising attacks use online advertising channels to infiltrate malware into the computers of unsuspecting users by embedding malicious code within legitimate advertisements on trusted websites. There is no visible indication that the trusted site is compromised: simply by visiting a site, users can get infected via “drive-by download”. Malvertising attacks are particularly hard to detect because most advertising on trusted sites comes from a variety of ad networks – different visitors will see different ads from different places, not all of which will be malicious. Malvertising attacks are a growing problem; research shows that billions of malicious advertisements are being served each year. Malvertising attacks are especially virulent for two reasons. First, leveraging the online ad network gives attackers the ability to target specific groups; attackers can ensure infection across a designated demographic or targeted set of audiences. Second, because there are so many players in the supply chain through which a given advertisement passes, attackers can more easily avoid detection.

The impact of Malvertising is not limited to end-users; the publishers and advertisers are also victimized to the extent that they are exposed to brand damage: end-users are unaware of the distinctions between sites, networks, and stolen ad creative content. As more and more business-related sites carry ads, and attackers increasingly leverage the online ads ecosystem to target users, the security implications of malvertising are significant for publishers and Enterprises alike.

What did Proofpoint detect?

Without having to click on anything, visitors to the impacted websites may be stealthily infected with the CryptoWall 2.0 ransomware. Using Adobe Flash, the malvertisements silently “pull in” malicious exploits from the FlashPack Exploit Kit. The exploits attack a vulnerability in the end-users’ browser and install CryptoWall 2.0 on end-users’ computers. Similar to the behavior of other “ransomware,” CryptoWall then encrypts the end-users’ hard drive and will not allow access until the victim pays a fee over the Internet for the decryption key. Typically, the end-users face an escalating time deadline; failure to pay by the deadline results in their hard drives being permanently encrypted, thus rendered effectively useless, with all information inaccessible.

Which websites were impacted?