A note the ad vendors: CLEAN UP YOU NETWORKS!
The way you are running ads make it unsafe to surf without an ad/script blocker.
Scores of Game of Thrones pirates may have had computers encrypted by ransomware after malvertisers served the dangerous malware through the Pirate Bay during the mega-series' season six première last weekend. MalwareBytes researcher Jerome Segura says the hard-working Magnitude exploit kit authors were able to target pirates …
I suspect the ad networks' inaction is a deliberate strategy, even though poisoned ads have been a known problem for years. As long as they act as a neutral host without filtering anything, they can claim they're not liable for anything that happens. If they try to block bad ads, they could be blamed for anything that they don't catch.
Corporate lawyers can suck snozzberries.
According to the linked report The Pirate Bay uses trafficholder as its Ad network. They are a specialist interest provider, so this isn't really an appropriate criticism of a more mainstream product like Google. I don't know if that's because the more mainstream networks refuse to work with pirates or just a commercial call.
End users don't know, of course, which is an issue but the general principle is the dodgier a site (and the cheaper the Ad placement) then the more likely dodgy Ads are.
The Reg isn't the BBC is it? Sometimes it feels like it... I get friends / family asking about these things all the time. But I don't know anymore than what they've read on Beeb! Seems like an opportunity lost for both of us. Can you include more details if they're available please Reg Editors... ? For example:
* Any info on which Browsers are more affected?
* Are those with Flash set to Click-To-Run protected?
* Is 'Hosts' file blocking of major Ad networks better protection?
* Is Silverlght infection limited to M$ offerings like IE & Edge?
Also which website(s) exactly was the malware served from? Thanks to court ordered blocks, we may no longer use the original TPB to download *ahem* Linux distros, but one of its dozens of mirrors. Have all of them been infected as well?
Was there anything else in all the rambling?
You mean like this?
NSFOCUS IB chief research analyst Stephen Gates says the malvertisers may be exploiting Adobe Flash Player (CVE-2015-7645, CVE-2015-8446, and CVE-2015-8651) and Microsoft Silverlight (CVE-2016-0034) vulnerabilities.
I also wish that the article contained a better, technical explanation of what's going on. But I got the impression that no one knows for sure the sorts of details being asked here by so many.
Hackers targeting thieves... who would've guessed?
I'm waiting for the conspiracy posts; accusing TV/Movie studios financing the advertisements.
Better yet, TPB is teaming up with TV/Movie studios to drop malware so the studios don't sue or attack TPB in any way.
What do you expect when you go to any download site? If you're not expecting to get attacked by the site or application, then you're naïve. There is a reason why MD5 hashes are published.
Better patch your systems and ensure you have an ad/script blocker...
I think you can download them from Pirate Bay!!! :)