Internet lowlives who used Yahoo
! ads to infect potentially countless PCs with malware have struck again – using adverts on popular websites to reach millions more people.
Security researchers at MalwareBytes this week discovered the crooks running
another massive campaign of ads that use the Angler Exploit Kit to infiltrate Windows PCs via vulnerabilities in Adobe Flash and web browsers.
Prominent websites including the Drudge Report and
Weather.com – a pair of sites whose total traffic alone amounts to nearly 200 million visits per month – were apparently inadvertently carrying the ads, putting millions of netizens at risk.
MalwareBytes said the network carrying the ads, AdSpirit, was notified, and it has since taken down the offending adverts. The campaign has now moved to AOL's ad network, with dodgy adverts appearing on eBay, we're told.
Like the attacks spotted last week on
Yahoo! sites, the malicious ads silently load, through a chain of web redirects, script code that attempts to exploit software vulnerabilities in the visiting PC to install either an adware package or the CryptoWall ransomware.
