Pages

Friday, 6 November 2015

Ad blocking

Once again, people who aren't ad blocking, have been hit. This time, it's readers of that august journal, "The Economist", a journal that I used to read assiduously (back when I was an economist - yes, I've had a strangely varied career).

They use an analysis service, PageFair, which tries to estimate how many visitors use ad blockers. PageFair estimate that 500 websites in addition to The Economist were hit. The hit consisted of a download that was claimed to be an update to Adobe, which you were invited to install. I checked VirusTotal; 38 out of 55 products would have flagged this, the following would not:

AegisLab        
Agnitum        
Alibaba        
Bkav        
ByteHero        
CMC        
ClamAV        
Cyren        
F-Prot        
Jiangmin        
SUPERAntiSpyware        
TheHacker        
TotalDefense        
VBA32        
ViRobot        
Zillya        
Zoner    


The malware was a malicious javascript. I use "Noscript" to block all javascript, except when I allow it. Unfortunately, far too many web sites are unusable when I disable javascript. I usually just jog on past those; I'm rarely so determined to view their content that I'm willing to risk my security.


No comments:

Post a Comment