uBlock Origin; A Must Have Browser Plugin

Latest and Greatest Ad/Malware blocking available for Chrome, Firefox, and Safari (you’re not still using Internet Explorer, I hope).

uBlock

Why do I need this plug-in, you ask? See the above image. Malvertising is a fast growing business that’s job is to infect you with malware through adds on common sites that you visit. See this story from August 27th

Angler Exploit Kit Strikes on MSN.com via Malvertising Campaign; read more here or see summary here:

“The same ad network – AdSpirit.de – which was recently abused in malicious advertising attacks against a slew of top media sites was caught serving malvertising on MSN.com. This is the work of the same threat actors that were behind the Yahoo! [and Huntington Post] malvertising.

The incident occurred when people who where simply browsing MSN’s news, lifestyle or other portals were served with a malicious advertisement that silently loaded the Angler exploit kit and attempted to infect their computers.

The ad request came from AppNexus, which loaded the booby-trapped advert from AdSpirit and the subsequent malvertising chain.

This time, rogue actors are leveraging RedHat’s cloud platform, rhcloud.com to perform multiple redirections to the Angler exploit kit (in the previous attack they were using Microsoft’s Azure).

While we did not collect the malware payload associated with this campaign, we believe it is either Ad fraud or ransomware, Angler’s trademark.”

  • Infection Chain:
    • com => lax1.ib.adnxs.com => pub.adspirit.de
  • uBlock Origin:
    • com – Found in
      • Malvertising filter list by Disconnect
      • Peter Lowe’s Ad server list
      • Dan Pollock’s hosts file
    • de: Found in:
      • Malvertising filter list by Disconnect
      • Peter Lowe’s Ad server list
      • hpHosts’ Ad and tracking servers

uBlock Origin is available for Chrome, Firefox, and Safari, install it today!

Stay secure folks!

Carl

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s