back to article Masterful malvertisers pwn Channel 9, Sky, MSN in stealth attacks

A two-year long, highly sophisticated malvertising campaign infected visitors to some of the most popular news sites in the UK, Australia, and Canada including Channel 9, Sky News, and MSN. Readers of those news sites, just a portion of all affected (since it also affected eBay's UK portal), were infected with modular trojans …

  1. Anonymous Coward
    Coat

    Old IT Crowd alert

    Good job Jen's got the internet in a box then, sounds like a dangerous place out there.

  2. Voland's right hand Silver badge
    Devil

    What ads?

    Now, once again, why I am supposed not to run adblock? I did not quite hear it? Louder! Louder!! Louder!!!

    Still do not hear you. Adblock stays on. End of story.

    1. Halfmad Silver badge

      Re: What ads?

      Adblock, Ublock, we all block!

  3. Anonymous Coward
    Anonymous Coward

    Checks

    Internet Explorer: No

    Flash: No

    Ads: No

    Patches: Yes

    .....

  4. William 3 Bronze badge

    The steps we have to take to protect our data

    From website owners who believe they can profit from adverts on their website yet shoulder non of the burden of any damage they inflict, whilst complaining that ad blocking is ruining their profits.

    Poor them.

    1. Halfmad Silver badge

      Re: The steps we have to take to protect our data

      As with data protection legislation they should be forced into accepting the blame since they essentially outsourced responsibility for it.

      The decision was made by them, they are responsible for the outcome.

  5. SVV Silver badge

    Channel 9

    Buono Estente,

    hackos technologikos fe te fe te fe te nuevos Gixmo. Sekurikos les laputops adblocko.

    Boutros boutros gali.

  6. NinjasFTW

    nation state

    I can't be the only one thinking this level of sophistication is likely to have originated from a TLA agency.

    Definitely think its time that Ad networks start taking on legal responsibility for what they distribute, this is becoming all to common!

  7. quattroprorocked

    The News sites ARE at fault

    If they choose not to care about how their space is used, then they are responsible.

    The solution is simple - they should sell their own ad space and control what ads they accept.

    And still they wonder why people like adblockers

  8. Dabooka Silver badge

    Yet another justification...

    for anything other than IE and that lovely red octagon in the top right corner. Sorry El Reg, but the security implications alone justify ad blockers in my household.

    Mind it's bloody impressive to go undetected for so long, even though they targeted the low hanging fruit of IE and unpatched Flash.

  9. Ragarath

    JavaScript

    From what I am reading, this is all enabled by JavaScript. Who's idea was it to allow code be executed on the client?

  10. Wade Burchette Silver badge

    Malvertising can die quickly if ...

    Malvertising can die quickly if advertisers follow my rules of acceptable ads. These rules were worked back when the internet went from luxury to necessity. If it worked once, it can work again. (1) Absolutely no javascript in ad, no exception. (2) Absolutely no plug-in like Flash or Java in an ad, no exception. (3) Absolutely no tracking, no exception. (4) Absolutely no autoplay audio or video, except when I click on a clear link for audio clip or video clip. (5) Absolutely no pop-up or pop-under ads, no exception. (6) Absolutely no ad that takes up part or all of a web page, no exception.

    But that won't happen. Advertisers in their greed don't care about my security nor my privacy. So malvertising will still be a threat. We will just keeping the usual boilerplate non-response response: "we take your security seriously". If Pinocchio uttered those words, his nose would be 1000 miles long.

    1. VinceH

      Re: Malvertising can die quickly if ...

      "Advertisers in their greed don't care about my security nor my privacy."

      It's not so much the advertisers, but the advertising industry - which is probably what you really meant.

      And why don't they care about your our security or privacy? Because we are not their customers - the advertisers themselves are the customers, and if the problem is brought to their attention the industry points in another direction and says "Look! Something shiny!"

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019