Malvertising Is Back

Malvertising is back. It had mellowed off recently (if there is such a thing), but last weekend malicious advertising traffic spiked again. You can follow the stories at Ars Technica and Trend Micro Labs.

And yes, the advertising industry is responsible for allowing this to happen. It's their ad network servers (including Google, AppNexus, AOL & Rubicon) that are distributing the malware on popular web sites such as msn.com, nytimes.com, bbc.com, aol.com, my.xfinity.com, nfl.com, realtor.com, theweathernetwork.com, thehill.com, newsweek.com. Malwarebytes has more details on this.

Also, Netflix users have discovered they are potentially vulnerable to typosquatters at netflix.om (no "c" in the suffix). Endgame have a good article on this covering the larger problem of typosquatting in general where a malicious site can spoof a real site to harvest login credentials, place backdoors on a system, install ransomware, or anything else.

Remember, if you don't have an Ad Blocker installed, now might be a good time to find one. I recommend you check out browser plug-ins such as EFF's Privacy Badger, and NoScript.