My company's chief compliance officer certainly was.
This past weekend there was a very big spike in malware activity on the Net, in particular malware spread through online advertising networks. The good folks at Malwarebytes reported that ads being served up on msn.com, nytimes.com, bbc.com, xfinity.com, nfl.com, realtor.com, and a number of other large, respectable web sites were showing up as infected. According to other security researchers, the ads were coming from domains that had been bought up in January by what looks like Russian operators.
The ads look like legitimate (if annoying) advertisements, but the code behind them attempts to install a type of ransomware that locks up a user’s computer and encrypts their hard drive, then demands wire transfer of money in return for unlocking it. It can also drop a piece of Trojan horse software that gives the attackers access to the victim’s computer.
So far the only affected computers have all been machines running Microsoft Windows. (Ransomware for OS X machines did make an appearance this week, but it wasn't part of what was being served up by the infected ad networks.) We use several lines of defense against this kind of thing at my office: all our user machines are protected by multiple anti-bad-mojo programs, our software is kept up to date, our webfilter is set to block potentially dangerous web activity, etc. However, I need to remind people that the people and organizations behind this kind of thing are changing their code and their tactics every day. If one of their attempts gets through before a defense can be constructed, it could cause a serious problem for any infected machine, and any user. Ransomware is a particularly unpleasant threat, given that it can easily result in the destruction of large amounts of data if someone doesn’t cough up.
Be careful out there, okay?