Under more NU.nl, NuSport and Voetbalzone spread malware because an ad network was ge lwa nfecteerd. That discovered a beveiligingsonderzoeker of Fox-IT. NU.nl has the ad network, now blocked.
One and a half hours after the issue came to light, has NU.nl the responsible ad network blocked, after the site earlier as a precaution, all ads temporarily disabled. According to NU.nl it was only the desktopsite affected, and were users of the apps no risk. Also at NuSport and Voetbalzone is to solve the problem.
The attackers used a so-called exploit kit; that try holes in software exploit to install malware. What malware exactly was spread, it is not clear, however, as well as the number of visitors with malware was facing. “But in large companies it will be easy, because the ads were via a server on a high port, spread. So if, for example, only ports 80 and 443 permits, had no problems,” according to level of client.
Ad networks are more often used to spread malware. Attackers, for instance, buy ads in that they feature malware, or they crack an ad server. Because ad networks often content of each load and the ads will automatically be sold, is the spread of malware are difficult to avoid.
In the past NU.nl more malware was distributed. That happened through compromised ad networks, but also by breaking in NU.nl self. Among others, NRC handelsblad, De Telegraaf, Business and Marketplace happened to be the same.
Update, 17:36: NU.nl has as a precaution, all the ads turned off. That information is added to the article.
Update, 18:04: NU.nl has solved the problem; the article is updated.
Comments
(206)