Tech News

As If Ads Weren’t Bad Enough, Now Adsense comes with Malware stuffed inside

As If Ads Weren’t Bad Enough, Now Adsense comes with Malware stuffed inside

As If Ads Weren’t Bad Enough Now Adsense comes with Malware stuffed inside 2016 tech

Ads aren’t all that bad. They’re designed for people that actually need the stuff they’re selling in case they see them. They help move the economy along by getting folks to buy something they don’t really need or already have. But for the rest of us, they’re slow-loading, bandwidth-eating, webpage-cluttering annoyances. But there are times when they’re useful. With just one click, ads take us to the sites where we can easily buy the stuff we do need and later delivered to our doorstep. Ads that deliver pizza? Cool. Ads that deliver that new PC or tablet? Check. Ads that deliver malware? Wait a minute.

The New York Times website, the BBC, MSN, Newsweek, websites you know you can trust, websites you know are safe to visit, last week have dished out ads with malware. Though most of the ads have been taken care of, some might still be there. Malware attacks have been going viral lately and by far, according to experts, this is the largest in two years. The attackers managed to involve several major websites that we would assume invest in major security at least for themselves. Unbeknownst to them, they were used and given ads that redirect users to websites that upload malware or even ransomware to unsuspecting users. It’s possible that tens of thousands of computers may already be infected.

The malicious ads work by connecting to servers that host an angler exploit kit which tries to find vulnerabilities in a user’s system. Once found, malware enters the system. What happened isn’t directly the fault of the websites nor the advertising companies which include Appnexus, Google, Rubicon, AOL and DoubleClick.

“We devote considerable financial resources to safeguarding our customers… Unfortunately, bad actors also invest considerably in new forms of malware,”

–Josh Zeist, VP of Communications, Appnexus

“These are the top ad networks in the world… For some reason, they were all affected. It was shocking, to be honest.”

–Jerome Segura, Senior Security Researcher, Malwarebytes, phone interview with PCWorld

It’s quite inevitable, even for large companies that invest in high-level-security. That goes for the government as well. No one is hack-proof, but it’s pretty rare for high-profile websites and large advertising companies to be infected all at once. The ads came from third-party ads providers. The process of ad sales and distribution is mostly automatic from third parties to ad networks to their customer websites. Though the ads are screened at every level, bad stuff can still get through.

“It’s hard to imagine, but a lot of ad networks don’t know each other very well and yet they’re doing business with each other.”

–Jerome Segura

Since the ads distribution process is mostly automatic, the various tiers of ad networks don’t exactly hold hands and sing Kumbaya. They don’t exactly profile the reputations of everyone. The big boys only know the bad egg through the bad ad. Appnexus says that they’ve largely stamped out the providers of the offending ads while the other major ad providers already cleared their offensive inventory after being notified by Trend Micro. Most have been removed, but some malicious ads may still be at large. The flow continues, and it appears that we may not know who to trust anymore.

The sites are still safe to visit, but users should probably refrain from clicking any ads unless their system is fully secure by having both anti-virus and anti-malware protection and probably an optional ad-blocker. If this news gets out more, people would start to view ad-blockers as another layer of security. Goodbye ads, most of them anyway. Google had better make a convincing statement soon, or the ads industry for the web faces a recession. An ads-free web would be nice if you don’t mind a tanking economy.

Unfortunately, this latest attack suggests that the internet is no longer safe to connect to, without some form of protection. Users can only be sure they’re safe when they use a new PC out of the box is by keeping that cord out of the Ethernet port or by turning off wi-fi but where’s the fun in that?

Click to add a comment
Tech News

Our technology expert who knows a thing or two about the future, superheroes and Supernatural.

More in Tech News

Bill Belichick doesn't hate Microsoft surface just bad technology 2016 images

Bill Belichick doesn’t hate Microsoft Surface just bad technology

Shane MclendonOctober 22, 2016
behold the nintendo switch is here 2016 images

Behold, the Nintendo Switch has arrived

Marius MaronillaOctober 22, 2016
gaming weekly playstation vr and resident evil hd kills it 2016 images

Gaming Weekly: Playstation VR and Resident Evil HD kills it

Max SmithOctober 19, 2016
microsoft defends surface tablet after bill belichick trashes it 2016 images

Microsoft defends Surface Tablet after Bill Belichick trashes it

Chris MauriceOctober 19, 2016
gears of war 4 remins us what we always loved about it review 2016 images

REVIEW: ‘Gears of War 4’ reminds us what we always loved about it

Max SmithOctober 18, 2016
microsoft throws shade at ios security 2016 images

Microsoft throws shade at iOS security

Marius MaronillaOctober 18, 2016
twitter ramping up video beyond phones with periscope 2016 tech

Twitter ramping up video beyond smartphones with Periscope

Jeffrey LangOctober 16, 2016
galaxy note 7 recall costing samsung over $5 billion 2016 tech images

Galaxy Note 7 costing Samsung billions

Jeffrey LangOctober 16, 2016
samsung getting ahead of bad pr 2016 images.jpg

Samsung Getting Ahead of Bad PR

Marius MaronillaOctober 14, 2016

Subscribe to our Daily Newsletter

You will only receive one per day. You'll also get a free THE WALKING DEAD graphic novel with your subscription