Ars Technica: Webkit zero-day exploit besieges Mac and iOS users with malvertising redirects

Ars Technica: Webkit zero-day exploit besieges Mac and iOS users with malvertising redirects. “Attackers have bombarded the Internet with more than 1 billion malicious ads in less than two months. The attackers targeted iOS and macOS users with what were zero-day vulnerabilities in Chrome and Safari browsers that were recently patched, researchers said on Monday.”

BuzzFeed News: Google Removed Dozens Of Android Apps From A Major Chinese Developer Due To “Deceptive Or Disruptive Ads”

BuzzFeed News: Google Removed Dozens Of Android Apps From A Major Chinese Developer Due To “Deceptive Or Disruptive Ads”. “Last week, Google quietly removed at least 46 apps from the Play store belonging to iHandy, a major Chinese mobile developer, and initially declined to comment on why it took action against the company. Now Google has told BuzzFeed News the apps were removed due to ‘deceptive or disruptive ads.’”

The Next Web: VPN apps with 500M+ installs caught serving disruptive ads to Android users

The Next Web: VPN apps with 500M+ installs caught serving disruptive ads to Android users. “Google Play Store has a malware problem. And it doesn’t seem to go away despite the company’s best efforts to rein in sketchy apps. In yet another instance of Android adware, New Zealand-based independent security researcher Andy Michael found four Android VPN apps with cumulative downloads of over 500 million that not only serve ads while running in the background, but are also placed outside the apps, including the home screen.”

BetaNews: Researchers find two Android malware campaigns with over 250 million downloads

BetaNews: Researchers find two Android malware campaigns with over 250 million downloads. “Check Point Research has uncovered two massive mobile adware and data stealing campaigns, which have already had a combined total of over 250 million downloads globally. Both target mobiles using Android, and exploit the mobile app development supply chain to infect devices and perform malicious actions.”

ZDNet: Google removes 85 adware apps that were installed by millions of users

ZDNet: Google removes 85 adware apps that were installed by millions of users. “Google has removed 85 Android apps from the official Play Store that security researchers from Trend Micro deemed to contain a common strain of adware. The 85 apps had been downloaded over nine million times, and one app, in particular, named ‘Easy Universal TV Remote,’ was downloaded over five million times, according to researchers.”

The Register: How hack on 10,000 WordPress sites was used to launch an epic malvertising campaign

The Register: How hack on 10,000 WordPress sites was used to launch an epic malvertising campaign. “Security researchers at Check Point have lifted the lid on the infrastructure and methods of an enormous ‘malvertising’ and banking trojan campaign. The operation delivered malicious adverts to millions worldwide, slinging all manner of nasties including crypto-miners, ransomware and banking trojans.”

Ars Technica: Here’s why the epidemic of malicious ads grew so much worse last year

Ars Technica: Here’s why the epidemic of malicious ads grew so much worse last year. “Last year brought a surge of sketchy online ads to the Internet that tried to trick viewers into installing malicious software. Even credit reporting service Equifax was caught redirecting its website visitors to a fake Flash installer just a few weeks after reports of a data breach affecting as many as 145.5 million US consumers. Now, researchers have uncovered one of the forces driving that spike - a consortium of 28 fake ad agencies.”

Washington Post: Hackers have turned Politifact’s website into a trap for your PC

Washington Post: Hackers have turned Politifact’s website into a trap for your PC. “PolitiFact has been an invaluable resource for debunking politicians’ misstatements and falsehoods. But now, it seems, some unknown actor is trying to profit off the website’s popularity — by hooking visitors’ computers into a virtual currency mining operation. The hack was discovered Friday by security researcher Troy Mursch, who noticed that visiting Politifact.com caused his computer’s CPU to run at its maximum capacity.”

BetaNews: Malvertising continues to rise as tactics change

BetaNews: Malvertising continues to rise as tactics change. “The second quarter of 2017 saw over 18 percent more adverts containing blacklisted content — phishing, scams, exploit kits, and malware — than Q1 according to a new report. The study from threat management company RiskIQ shows some seasonal changes in the pattern of traffic, with a 24.2 percent drop in exploit kits, and a 42.7 percent drop in malware. However this was more than offset by a huge 131.3 percent rise in phishing-related ads.”

SitePro News: Malvertising Rises 132% in 2016 Over 2015, Says RiskIQ Research

Ugh. From SitePro News: Malvertising Rises 132% in 2016 Over 2015, Says RiskIQ Research. “RiskIQ, the leader in digital threat management, today released its annual malvertising report which indicates a sharp spike in malvertising in 2016, a digital threat that has become increasingly challenging for organisations to detect and mitigate. Delivered through ad networks such as Google and Facebook, threat actors use malvertising to propagate malware, ransomware, and scams (disingenuous advertising), as well as redirect victims to phishing pages and pages hosting exploit kits.” This looks sortakinda like a press release.

Ars Technica: Millions exposed to malvertising that hid attack code in banner pixels

Remember, NoScript is your very good friend. From Ars Technica: Millions exposed to malvertising that hid attack code in banner pixels. “Millions of people visiting mainstream websites over the past two months have been exposed to a novel form of malicious ads that embed attack code in individual pixels of the banners. Researchers from antivirus provider Eset said ‘Stegano,’ as they’ve dubbed the campaign, dates back to 2014. Beginning in early October, its unusually stealthy operators scored a major coup by getting the ads displayed on a variety of unnamed reputable news sites, each with millions of daily visitors. Borrowing from the word steganography—the practice of concealing secret messages inside a larger document that dates back to at least 440 BC—Stegano hides parts of its malicious code in parameters controlling the transparency of pixels used to display banner ads. While the attack code alters the tone or color of the […]