1. #1
    hackerman1 is offline Moderator
    Join Date
    Dec 2008
    Location
    Sweden
    Posts
    1,525

    Default AdSense Abused with Malvertising Campaign

    Ads are dangerous....

    "AdSense Abused with Malvertising Campaign

    By Denis Sinegubko on January 14, 2015

    Last weekend we noticed a large number of requests to scan websites for malware because they randomly redirected to some “magazine” websites.
    Most of them mentioned the lemode-mgz .com site.
    In all cases, the symptoms were the same.
    Some users randomly got redirected when they clicked on links or loaded new pages.
    They all reported that the new page would show up for a second or two and then it would redirect them to those magazine websites.


    The redirects were platform and browser-agnostic – Windows, Mac, Linux, mobile browsers – they all got redirected.
    However, while some visitors regularly saw those redirects and even complained that the websites were barely usable because of them, other visitors have never been redirected.

    We scanned these sites but couldn’t find any server-side problems.
    The nature of the redirects (page loaded and then redirected after a few moments) suggested that those were client-side redirects: either some JavaScript or the meta refresh tag.
    We couldn’t find anything that would change the HTML and JavaScript code of the site itself, so most likely the redirects originated in third-party scripts, which looked quite plausible since all the websites we worked with run third-party ads.

    "

    Full story: AdSense Abused with Malvertising Campaign | Sucuri Blog

  2. #2
    HappyAndyK's Avatar
    HappyAndyK is offline Site Administrator
    Join Date
    Jun 2008
    Posts
    7,318

    Default

    Yeah - I had read about it here earlier.

    But Malvertising attacks have existed for a long time for online advertising companies. Precaution is the only key to avoid malvertising.

  3. #3
    hackerman1 is offline Moderator
    Join Date
    Dec 2008
    Location
    Sweden
    Posts
    1,525

    Default

    Quote Originally Posted by HappyAndyK View Post
    Yeah - I had read about it here earlier.
    Actually I found it here, in CERT-SEs weekly letter: https://www.cert.se/2015/01/cert-se-s-veckobrev-v-3

    (CERT-SE is the National CERT of Sweden, a Computer Security Incident Response Team)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Log in

Log in

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22