Online Ad threat – Yahoo, Amazon, YouTube ‘Victims of Malvertising’


10 Safety Tips from ESET to avoid Unwanted Adware

ESET, a global pioneer in proactive protection for 25 years, is warning of a new mutating malware distributed through online ad network adverts displayed on some of the most popular domains, including Yahoo, Amazon and YouTube.

The attack has been nicknamed Kyle and Stan, due to the naming scheme of the subdomains within the group – “stan.mxp2099.com” and “kyle.mxp2038.com”. This malware is distributed via online advertising networks, basically by conning one of the large companies whose ads are seen on thousands of sites into forwarding an ad with a malicious payload.

The size of the attack is much larger than the 700 domains, and nearly 10,000 users have hit these domains and been exposed to the malicious advertisements. This attack vector is not new, as the New York Times has previously fallen victim to a malvertising campaign – but ‘Kyle and Stan’ takes a unique approach. The attack is extremely effective and delivers a unique malicious payload for every visitor, packaged with a legitimate media player and a piece of malware which is tailored to each user.

How to cleanse your PC from unwanted adware

  • Enable ‘Potentially Unwanted Applications’: an option usually provided by all top antivirus providers
  • Diagnose the condition:

Spotting if you are infected is actually quite hard. If you ever see ads popping up on your desktop, or within apps other than your browser, or different sites appear than the one you expect when you type in a URL, you probably have a problem.

  • Check your bookmarks and favourites

Changed home pages and newly added bookmarks and favourites are all signs of adware. In this case, visit Control Panel to see if new programs have appeared, and uninstall them.

  • Spring clean your browser

Ensure your browser is set up to block installation of extensions by default, and to block pop-up adverts. Check your extension panel regularly, as a precaution. If you see programs you don’t recognize, kill them.

  • ‘Freeware’ is rarely a free lunch

Often adware is delivered as part of ‘free’ software, with your ‘consent’ to this buried deep within a licence agreement. Think hard about whether you really need software – and read reviews on other sites, not the owner’s, before downloading.

  • Hard to kill – but worth it

If your PC has been around a while, uninstalling software can be a daunting task – there are often pages of it. But adware can be killed. Look for publishers you don’t recognize and software whose name you don’t remember, but Google first before hitting the button. Some companies install ‘helper’ apps which are perfectly legitimate, such as Apple’s Bonjour, which arrives alongside iTunes – so it pays to select targets carefully.

  • Actually read licensing agreements

Be careful with software that claims to be ‘free’: open the licensing agreement and search for words such as “information” and “advertising”. Read about the developer – and read reviews before installing. Intrusive adware usually causes a storm of internet fury, so if freeware does come with unwanted ‘passengers’, it’s often not hard to find out.

  • Toolbars are tools you don’t need

Not content with providing cybercriminals with many of the ‘entry points’ they use to attack PCs, Java also ‘offers’ users a toolbar for the unpopular search engine Ask each time they install one of its many, many security updates. Untick this box. Ask is laden with far more adverts than Google. Toolbars often offer little service to the user bar ‘binding’ them to one search tool or email provider.

  • If your browser asks for permission for an app, read it

Both Chrome and Firefox will warn you if an app is installing an extension in your browser – don’t ignore these warnings. Adware is often installed this way, so read the warning, and if you don’t recognize or want the program, say no. This does not apply, however, to stealthy malware such as Boaxxe.32, which arrives in disguise, so it’s worth visiting your extensions folder often.

  • Most anti-adware is, in fact, adware

The worst possible thing you can do is to search for ‘anti-adware’ software – the web is loaded with such ‘free’ software, most of which is adware, often worse than the adware you already have. There are some legitimate, and good, programs. PC Decrapifier does a good job, but most such ‘free’ tools are traps, pure and simple.