News Portal South African Mail & Guardian Victimized with Malvertising Assault
According to Blue Coat the security company, a malvertising assault recently targeted and victimized the news portal South African Mail & Guardian.
Researchers at the security company state that people visiting the portal (mg.co.za) are getting malevolent advertisements which divert them onto one Holland-based web-server.
Subsequently, they're forwarded onto different useless subsidiary domains that are hosted on gooway.info, with the subsidiary domains being ltute., kanplnv., vrsfylj., and utxq. The turnover is rapid such that 1-2 queries are made to each subdomain.
After this, all the gooway.info websites transmit Web-traffic towards many 'Fake Antivirus" websites going by the name webantivirusprorv.p or others that scare the users into believing infection has set on their machines and that they require downloading the bogus anti-virus for cleansing the systems.
Hitting the 'Enter' as well as 'Clean computer' options, however, produces one setup.exe program, which VirusTotal detected pretty low at just 3 AV solutions from a total of 47 being able to do so.
According to security analysts who examined the most recent malvert assault, malvertising are particularly treacherous since simply via the downloading of certain website, infection can set in i.e. users needn't do things like clicking any web-link. During the years gone by, malverts have been observed as emerging randomly on lawful websites. Accordingly, the digital music site Spotify, during 2011, and the London Stock Exchange site served malicious ads to visitors through an intermediary ad network. It's important to note that end-users can become infected with malverts 182 times greater than they can while accessing porn or adult websites, reveals a 2013 survey by Cisco.
Worryingly, it isn't just the South African Mail & Guardian site which has been attacked with malicious ads, during January 2014. For, during the month's 1st-week, people using Yahoo ads from ads.yahoo.com were diverted onto one site that hosted the Magnitude attack toolkit. Thereafter, malverts on DailyMotion a site for video sharing led Web-surfers onto a bogus anti-virus software campaign.
Hence, it's vital for defending against the malvertising that's especially deceitful. Computer owners should run up-to-date security applications while maintain the latest security software on their systems, specialists recommend.
» SPAMfighter News - 18-01-2014