Malvertising: Daily Mail ads 'briefly linked' to malware
- Published
Readers of the Daily Mail's website were shown fake advertisements that linked to malware, according to a security company.
It said bogus ads for shoes briefly appeared among the selection of banners displayed on DailyMail.com.
Instead of online shops, it said, the ads linked to malware that could expose computers to "ransomware".
Ransomware encrypts files on a victim's computer and asks for a payment to decrypt them again.
The practice is known as "malvertising".
Security company Malwarebytes said it had made the discovery last week and had published .
A spokesman for the Daily Mail later said that it had not been contacted by Malwarebytes about its findings in advance.
However, the 大象传媒 has seen evidence that the security company did in fact try to contact the newspaper about the issue last Friday.
By Monday morning, the security company said that the fake ads had been removed.
Bogus bargains
Malwarebytes said the banners, purporting to be for an online shoe retailer, were published via a bogus ad server.
From there, they were said to have been distributed via an advertising network that presents ads to readers on the Daily Mail's website.
If a user clicked on one of the ads, said the security firm, they would be redirected to a well known piece of malware called the Angler Exploit Kit, which attacks vulnerabilities in Internet Explorer and Flash.
There are various ways to protect yourself from ransomware, according to Tony Berning, senior manager at software company Opswat.
"To protect against ransomware, users must back up their data regularly," he said.
"In addition to this, an important defence against ransomware is the use of anti-virus engines to scan for threats.
"With over 450,000 new threats emerging daily, anti-malware engines need to detect new threats continuously, and will inevitably address different threats at different times," Mr Berning said.
- Published25 September 2015
- Published9 June 2015
- Published13 March 2015
- Published6 August 2014
- Published24 December 2013