Several large websites like The Telegraph and The Guardian have Monday malware, via ads served. That leaves Ronald Prins of Fox-IT via Twitter know. The ads were displayed via the AppNexus network, which was also previously malicious software offered.
Spokesman Joost Bijl of Fox-IT says that the rogue ads around quarter past one in the afternoon, were detected at one of the customers of the Delft security company. From follow-up studies showed that multiple sites were affected. The size is not entirely clear, but in any case, the websites of De Telegraaf, Privé, Voetbal International, Weer.nl and The Guardian passed the ads. Fox-IT took, say due to an error with the encryption of the malicious files no working copies, where, although it does not exclude that which is not previously used.
The ads were displayed via the AppNexus network, where companies through onlineveilingen ads for sites may buy. That network in the past had more security vulnerabilities. In march, passed several large, Dutch websites also malware via AppNexus. Then it went to banking-trojans, including visitors from Marketplace and Business found.
Fox-IT has AppNexus now about the malware informed, as ceo Ronald Prins on Twitter know. As far as is known, the creator of the ad network, yet no measures are taken, but Axe considers that it is likely that the ad campaign has ended.
Hmm, a lot of popular Dutch sites distribute now malware via AppNexus. Stop but just with surfing, and pick up a book or something.
— Ronald Prins (@cryptoron) may 26, 2014
Update, 19.00 hours – Spokesman Joost Axe to let you know that the ad at the beginning of the afternoon was found. The article is updated accordingly.
Comments
(88)