The Infamous Angler EK Targeting Website of Daily Mail

Theregister.co.uk reported on 14th October, 2015, stating that Net nasty numero uno, the infamous Angler Exploit Kit, has infected advertising on the well-known news website of the Daily Mail (DailyMail.com) causing it to serve malware to its reader's machines.

Internet security company Malwarebytes posted a security blog stating that an advanced malvertising attack had been discovered affecting advertisements on DailyMail.com.

It was discovered that this particular poisoned advertisement had offered users with a phony ad for shoes, which was escorted by a somewhat apprehensive domain that did not ally with the content of the advertisement.

The matter that troubled the website of the Daily Mail was apparently an SSL malvertising attack via Microsoft Azure leveraging Azure's cloud stand to piggyback on the fame of otherwise computationally uncontaminated websites.

Unfortunately, the Angler EK (Exploit Kit), which is being used in this attack, has been used to distribute ransomware to lock down a computer of the victim till they cough up a heavy fine and it is also used in designing banking Trojans to steal financial information.

Recently, security researchers announced that they had taken down an important part of the Angler EK (exploit kit) ecosystem. One group of cybercriminals was apparently making up to $30 million per year by using it.

A clear trend of malvertising targeting new sites has occurred also over the last few months. The Huffington Post was infecting its readers inadvertently in December 2014, and later on in August 2015. Yahoo was also struck in the summer followed by Forbes, which also fell victim to an attack.

Normally, cases of malvertising on these bigger websites don't last for long, but viewing that several of them are serving tens, if not hundreds, of millions of Internauts even for a short round of infections, it can result fine payday for a cybercriminal.

The firm said that the publisher of the Mail has been contacted, and the problem has been resolved.

Malwarebytes said that they also hope that well-documented cases, like this one help consumers to realize that malvertising is a very dangerous and yet frequently misunderstood threat.

Malwarebytes concluded that there is no such thing as a safe website anymore, and it is the responsibility of everyone to ensure that their devices are completely patched and properly protected.

» SPAMfighter News - 10/23/2015