On Sunday, a major malicious advertisement scheme attacked user computers in what some experts are calling the worst “malvertising” attack in years. The attacks resulted in major websites including the BBC, Newsweek, The New York Times and MSN unknowingly running malicious advertisements online. Malvertising, which occurs when cyber attackers upload malicious ads to online ad networks that are then sold to publishers, has shown to be difficult to prevent as the security tools advertising companies use are not always effective. Tens of thousands of computers could have been affected and could now be infected with malware or ransomware. Some of the ads have been removed from the websites, but not all. It is also important to note that the websites were not at fault and instead, are the victims as the malware existed on the advertisements before being distributed to the publishers.
The advertisements were connected with the Angler exploit kit, which searches for a computer’s vulnerabilities so malware can be delivered. The company Malwarebytes discovered the attack thanks to users of their Anti-Exploit software. Senior Security researcher at Malwarebytes Jerome Segura said his company contacted major online advertisement companies when they detected the problem, but some needed to be asked twice or did not respond until Monday. He explains that the digital nature of the sale and delivery of online ads makes it particularly vulnerable to malware, as companies doing business with each other do not know a lot about each other, and major ad servers sell ads that have been through a long chain of sellers.