http://www.theguardian.com/technology/2016/mar/16/major-sites-new-york-times-bbc-ransomware-malvertising
This will be interesting because you would think major sites would have a plan for this kind of thing.
There have been a lot of problems with ad networks being hacked and used for malware. And it often gets overlooked by the folks who own/run the site. They're expecting the people who run the ad servers to take care of the security. One of the reasons why use of Ad Blockers has proliferated over the past year or so is due to the increase in malvertising.
Quote from: mirth on March 16, 2016, 12:03:19 PM
There have been a lot of problems with ad networks being hacked and used for malware. And it often gets overlooked by the folks who own/run the site. They're expecting the people who run the ad servers to take care of the security. One of the reasons why use of Ad Blockers has proliferated over the past year or so is due to the increase in malvertising.
Quick question- do you have to click on one of the sick ads to infected or is it enough that the ad played while you were reading the host page?
Quote from: Staggerwing on March 16, 2016, 06:55:14 PM
Quote from: mirth on March 16, 2016, 12:03:19 PM
There have been a lot of problems with ad networks being hacked and used for malware. And it often gets overlooked by the folks who own/run the site. They're expecting the people who run the ad servers to take care of the security. One of the reasons why use of Ad Blockers has proliferated over the past year or so is due to the increase in malvertising.
Quick question- do you have to click on one of the sick ads to infected or is it enough that the ad played while you were reading the host page?
Depends on the ad. Mostly I think they have to be clicked on, but I think there flash ads and video embeds around that can get you without you doing anything. If you suddenly find yourself being taken off site without you having done anything, you should be concerned.
This is a pretty good synopsis of the problem - http://www.wired.com/insights/2014/11/malvertising-is-cybercriminals-latest-sweet-spot/
This is why I use an ad blocker. It's for security, not because ads are annoying.
^ I use it because ads are annoying. But nice to know it helps with security as well. :)
Any recommendations for good ad-blockers for both Chrome and Safari?
This is my favorite
https://adblockplus.org/
Thanks!
I also started using this recently - https://www.eff.org/privacybadger (https://www.eff.org/privacybadger)
And this is worth a read - http://www.nytimes.com/2016/02/18/technology/personaltech/free-tools-to-keep-those-creepy-online-ads-from-watching-you.html
Quote from: mirth on March 16, 2016, 07:35:48 PM
This is my favorite
https://adblockplus.org/
+100! I've used that for quite a while and love it.
[edit]Of course, I uh, disable it on sites like, er, Grogheads. :D
I do have it disabled here and on other select sites.
just don't block them here :knuppel2:
Umm, see my post above yours ;)
It is off on Grogheads and other sites. It's easy to tell that it is off because the little icon turns grey on sites where it's off.
Quote from: mirth on March 16, 2016, 07:37:02 PM
I also started using this recently - https://www.eff.org/privacybadger (https://www.eff.org/privacybadger)
I like that. I added it and it's running happily next to AdBlock Plus. Not on this site, of course.
I actually had something that seemed a lot like one of these hit my iPad. So much for Apple being invulnerable. I went to my phone and looked up the website I was being directed to and someone gave me the advice to clear my Safari cache. That worked.
Quote from: DoctorQuest on March 17, 2016, 07:16:34 PM
I actually had something that seemed a lot like one of these hit my iPad. So much for Apple being invulnerable. I went to my phone and looked up the website I was being directed to and someone gave me the advice to clear my Safari cache. That worked.
Loathe though I am to defend Apple, iOS is a Unix-like and is therefore inherently far more secure than Windows (although certainly not invulnerable - nothing is). The malware that hit you targeted your browser, not your OS, as evidenced by the fact that clearing the cache solved the issue (which also shows how weak the malware was, in that it couldn't embed itself any further than a cache).
Quote from: Huw the Poo on March 18, 2016, 01:29:20 PM
Quote from: DoctorQuest on March 17, 2016, 07:16:34 PM
I actually had something that seemed a lot like one of these hit my iPad. So much for Apple being invulnerable. I went to my phone and looked up the website I was being directed to and someone gave me the advice to clear my Safari cache. That worked.
Loathe though I am to defend Apple, iOS is a Unix-like and is therefore inherently far more secure than Windows (although certainly not invulnerable - nothing is). The malware that hit you targeted your browser, not your OS, as evidenced by the fact that clearing the cache solved the issue (which also shows how weak the malware was, in that it couldn't embed itself any further than a cache).
Agreed. I just like to rag on Apple :)