Once again, people who aren't ad blocking, have been hit. This time, it's readers of that august journal, "The Economist", a journal that I used to read assiduously (back when I was an economist - yes, I've had a strangely varied career).
They use an analysis service, PageFair, which tries to estimate how many visitors use ad blockers. PageFair estimate that 500 websites in addition to The Economist were hit. The hit consisted of a download that was claimed to be an update to Adobe, which you were invited to install. I checked VirusTotal; 38 out of 55 products would have flagged this, the following would not:
AegisLab
Agnitum
Alibaba
Bkav
ByteHero
CMC
ClamAV
Cyren
F-Prot
Jiangmin
SUPERAntiSpyware
TheHacker
TotalDefense
VBA32
ViRobot
Zillya
Zoner
The malware was a malicious javascript. I use "Noscript" to block all javascript, except when I allow it. Unfortunately, far too many web sites are unusable when I disable javascript. I usually just jog on past those; I'm rarely so determined to view their content that I'm willing to risk my security.
No comments:
Post a Comment