A major malvertising campaign aimed at a list of prestigious websites has infected tens of thousands of users. Big names like the New York Times and BBC became relays for cyber attack recently, prompting many people to question the notion that malvertising campaigns compromise only those who visit less-than-reputable parts of the Web.
Although many of these sites have eradicated the threat, this is yet another example of the steadily-increasing level of sophistication within many modern hacks. People expect their machines to be infected by sketchy websites, and as such hackers have had to change their tactics.
The Angler Exploit Kit was involved
Trend Micro researches have determined that the cyber criminals behind this attack utilized the Angler Exploit Kit in order to compromise the computers of users who visited these sites. When the victim clicked on one of the infected websites, the malvertising hidden on that site kicked in and rerouted traffic to one of two servers. One of these servers was set up with Angler, which went on to exploit vulnerabilities in certain types of software. Microsoft Silverlight and Adobe Flash are two of the most common weak points that hackers like to move through.
Although the BBC was one of the sites involved, it would appear that U.S. users were the main target. What's more, the intensity of this attack massively affected overall Angler activity. Trend Micro observed about 8,000 instances of Angler exploits in the U.S. on March 9, 2016. By March 13, just after the campaign was initiated, this number had spiked to 18,000.
The merger of the Angler Exploit Kit and malvertising isn't new, but it's use on such a large and far-reaching scale is indicative of hackers getting bolder in their attacks.
What does this trend mean?
While the immediate ramifications of infected computers are certainly nothing to scoff at, malvertising as a whole has consequences that go far beyond individual computers. In fact, the advertising industry as a whole is being affected by this trend. It's a trickle-down effect that begins with the actual money lost on these malicious ventures.
Brian O'Kelley, Forbes contributor and CEO of ad technology company AppNexus, stated that malvertising is costing the advertising industry quite a lot of money. In fact, every year advertisers lose more than a $1 billion to these kinds of attacks. That's quite a large sum to lose due to such a malicious act, but it's just the beginning.
After this, the companies that unwillingly distributed these campaigns are instantly branded as unsafe by many consumers. Cyber attacks are known for decreasing an organization's customer-facing reputation, regardless of how many precautions they take after the incident occurs. No one wants to put themselves in a cyber criminal's cross hairs, and avoiding previously infected sites is a simple way of doing so. Sadly, this only punishes sites for doing nothing wrong in the first place.
How can users protect themselves?
Although this recent malvertising campaign is showing that even the big sites aren't safe from hackers, there are a few things users can do to mitigate the risk of infection. Again, Flash and Silverlight are pieces of software that hackers love to exploit. These systems are outdated and have a lot of holes that cyber criminals can access with the right knowledge. Using other programs is ideal where possible.
Aside from this, users should make sure that all of their software is updated. While taking the time to download the newest version of a piece of software may seem like a waste of time, it actually does a lot to plug previous vulnerabilities. Doing so will seriously decrease the chances that an attack such as this will infect an intended victim's machine.
