back to article Mal Men men hit LiveJournal with Angler exploit kit

Malwarebytes researcher Jerome Segura says malvertisers have served the world's most dangerous exploit kit - Angler - through compromised advertisements run on LiveJournal.com and news service Likes.com. The attacks are the latest in a string of brazen and successful malvertising campaigns that are smashing the web's most …

  1. Anonymous Coward
    Anonymous Coward

    Urk!

    I was expecting things to get hardcore-dangerous the end of next year, perhaps a bit earlier. Wrong guess, -5.

  2. David Black

    Strict liability would sort it

    Simply hold the sites responsible for the security of all site visitors. If I visit a hotel and the staff rob me, the hotel incurs the liability for their actions, it should be no different. Sure it may drive up the cost of hosting and delivering online ads but surely that could be a good thing as then subscription based offerings might get a chance to survive and the number of ads overall would drop.

    1. Adam 52 Silver badge

      Re: Strict liability would sort it

      "If I visit a hotel and the staff rob me, the hotel incurs the liability for their actions"

      Not in England and Wales, not unless they were instructed to rub you, see http://www.bailii.org/uk/cases/UKHL/1971/1.html

  3. Doctor Syntax Silver badge

    It's been obvious for some time now that this was likely to be final nail in the ad industry's coffin if the likes of Google didn't deal with it PDQ. All that's left now is for the ad blockers to fill in the hole.

  4. Justicesays

    No surprise

    When the source of the advert is so far removed from the site displaying it, and is capable of being modified on the fly with no apparent confirmation from any one other than the "advert originator" themselves.

    In other news, Ad blockers are apparently an organized mafia who are a threat to online commerce...

    Or maybe that was the advertisers!

  5. Steve Crook

    Ad Blockers?

    Want me to stop using them? Fix this sort of thing...

    1. Frederic Bloggs

      Re: Ad Blockers?

      Not to mention NoScript

    2. Doctor Syntax Silver badge

      Re: Ad Blockers?

      "Fix this sort of thing..."

      It's beyond fixing.

  6. Palpy

    And here lies a lesson --

    -- about old paradigms and reactive security.

    "Just stay away from dodgy sites" won't help. Running antivirus and antimalware won't help. Disabling JavaScript will in the case mentioned, but not in other attack cases (phishing, for instance: http://www.theregister.co.uk/2016/03/30/angler_malvertising_livejournal/. And no, you no longer get to laugh at the "Nigerian prince" because, well, the phishing email looks exactly like an invoice from your utility company, spelled correctly and everything).

    I think everyone who writes "Blimey, if they'd just do xxxxx then it would all be fine" is probably seeing only the pinky finger or the left ear of the problem. The whole ogre is bigger and more complicated than its parts. There is no "just do this" solution. IMHO.

    It seems to me that regular software dev cycles often work through incremental innovation. That's what our current enviro offers malware crims: incremental changes in security, which encourage reciprocal incremental innovation in malware programming.

    The future is bleak, bleak I tell you. O, tempora! It's a hard rain gonna fall.

    Myself, I have the luxury of being able to move my home machines to relatively secure and fairly obscure OSes. But those who need Windows on the desktop and Android on their mobes may be somewhat stuck. I just don't know. And businesses which rely on Windows are probably stuck badly.

  7. Al_21

    I just want to view content

    I'm not a techie so don't understand how it attacks, but it's frustrating knowing this can happen via a web-browser without any prompts about the page wanting to go above and beyond what most users want it to do.

    All I want to do is read websites and see pictures of cats, not even upload anything.

  8. VinceH

    Missing paragraph from the end of the article:

    El Reg contacted several advertising agencies for their views on this problem, all of whom promptly put their fingers in their ears and replied "LALALALALALALALALA!"

  9. noj

    more justification for ad blockers

    Ditto to others who have said the same.

  10. tiggity Silver badge

    repetition

    An ad / script blocker is a necessary part of your basic browsing security kit these days, I would say malware via ads is the biggest attack vector I face these days as decent mail filters and av mail scans mean I see almost no spam / phishing / malicious payload emails.

    Despite various ad revenue dependent sites whinging, as no ad can be trusted with the current broken model of ad brokering / minimal vetting of ads then computer security must take precedence over unwanted ads..

    Still waiting for micropayments!

  11. Florida1920
    Childcatcher

    How to get content providers on board?

    Content providers try to make money from advertising, opening the door to these exploits. Ironically, their sites could be the front line in a public campaign in support of ad and script blocking. But content providers would be cutting off their revenue streams, so they won't. Maybe Reg scribes could take turns on a soapbox in Hyde Park?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like