Malicious Adobe Flash Ads Hit High-Profile Websites
According to a post on the Bluetack Internet Security Solutions site, Newsweek.com is suspected of running rogue banner advertisements that try to trick visitors into installing fraudulent anti-malware programs. Newsweek.com is one of several high-profile websites accused of exposing its readers to dangerous ads.
The malicious ads have been appearing on Newsweek’s website via feeds that carry the Washingtonpost.com address. The ads redirect users to a site that falsely claims users’ PCs are infected with malware and urges them to buy and install software that will remedy the problem. The banner graphic posed as an ad for www.easy-forex.com, which bills itself as an online foreign currency exchange.
Malvertizing-like symptoms can be seen all over the net, on sites like MSNBC, Facebook, lime.com, Hotmail, MySpace and Yahoo. The ads are extremely hard to spot because they can sit dormant for days before the attacks begin. The use of multiple affiliates to buy and sell online ads also makes it hard for sales staff at established websites to separate legitimate ads from those that are designed to defraud or attack.
Recently, malicious hackers started using booby-trapped Flash banner ads to hijack clipboards for use in rogue security software attacks. In those attacks, which target Mac, Windows and Linux users running Firefox, IE and Safari, hackers are seizing control of the machine’s clipboard and using a hard-to-delete URL that points to a fake anti-virus program.
The attack is coming from Adobe Flash-based advertising on legitimate sites, including Digg, MSNBC.com, and, yes, Newsweek. Once the clipboard has been hijacked, the user can’t copy anything else over it, in some cases, until the machine is retstarted.
More on CyberInsecure:
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.