Malvertising Has Now Spread to Video Ads

[JerkyMcDilerino]

Source: http://news.softpedia.com/news/malvertising-has-now-spread-to-video-ads-496161.shtml

 

According to The Trust Media team, a malicious SWF file was downloaded on the victim's computers when accessing a video page. The malicious file was hosted on the brtmedia.net domain and was imitating a video player.

 

This SWF file executes its malicious load only on lesser known sites, avoiding large video platforms, where security teams continually search their sites looking for problematic ads.

 

The actual attack happens when the SWF file injects JavaScript code in the page where the video ad is supposed to display, simulating a winning ad bid, but actually loading a 1px by 1px hidden iframe.

 

This iframe loads a popup windows that scans the user's computer settings and prompts him with a message to update some of his local software.

 

If the user is careless to click on the popup, he will download malicious software packed with PUPs(Potentially Unwanted Programs) and other malware.

 

 

[Trik'Stari]

Sounds like we need to ban auto-playing ads then.

[Godlygamer23]

So much for "common sense" huh?

[skyress3000]

So much for "common sense" huh?

You still have to click the popup to get a virus, and it says they avoid large sites because of malware protection.

[Admiral Naismith]

So much for "common sense" huh?

Thomas Paine still brought up many relevant points-

Oh I see what you mean.

 

#freemalwarebytesmasterrace

[Master Disaster]

You still have to click the popup to get a virus, and it says they avoid large sites because of malware protection.

I think that was kinda the point of Godly's post.

[MLG_Dwarf_]

I think that people just need to grow a pair.It's just like riding a bike or driving a car, you have to accept the risks that come with it the same applies to browsing the Internet.

[daniellearmouth]

Oh, of course, it's a .swf......

[Belgarionbg]

Source: http://news.softpedia.com/news/malvertising-has-now-spread-to-video-ads-496161.shtml

 

According to The Trust Media team, a malicious SWF file was downloaded on the victim's computers when accessing a video page. The malicious file was hosted on the brtmedia.net domain and was imitating a video player.

Then just take control of whatever is trying to load.

For example with uMatrix.

 

[Si3Rra_7]

Oh damn , imma have to stop flash then

[TetraSky]

Alright, before I was letting the flash plugin "Always Activate", now I'm gonna make it "Ask to Activate". If I get too annoyed with it, it's going in the garbage.

[The_Strict_Nein]

And this is how to justify ad-block

[JerkyMcDilerino]

Then just take control of whatever is trying to load.

For example with uMatrix.

 

Nice security setup, ESET Smart Security 8 + Malwarebytes Anti Exploit + Malwarebytes Anti Malware. 

[ManWithBeard1990]

But downloading said virus still requires you to actually run it for it to be harmful, does it not?

[Midnitewarrior4]

well time for adblock

[Belgarionbg]

Nice security setup, ESET Smart Security 8 + Malwarebytes Anti Exploit + Malwarebytes Anti Malware. 

Actually is ESET Antivirus 9  + Malwarebytes Anti Exploit + Malwarebytes Anti Malware + Outpost Firewall Pro. (eset firewall is too plain for my taste)

Everything set to extreme killing ofc.

[JerkyMcDilerino]

But downloading said virus still requires you to actually run it for it to be harmful, does it not?

That's malware. Just think computer virus as a human virus, once they get in contact with you, you already infected. Unlike malware, they can sit on your computer all day without doing anything. Until you execute the program that's were bad boys begin its nasty business.