Web

Realtor.com the latest victim of malvertising plague

malvertising realtor com malware
Andrey_Popov/Shutterstock
It’s not a new threat on the scene, but it’s still dangerous — and malvertising on the web is on the rise.

Malvertising is the spread of malware through online advertising, and it’s pretty ugly. It’s especially prescient as ads on the web have been challenged by a number of technical factors in browsers, the progressive changeover to HTML5 from Flash technology, and the emergence of app blockers in places like the Apple App Store.

In recent years, the spread of malware transmitted through ads has grown exponentially, by some estimates quadrupling in size from year to year. The threat is major, and with every malvertising infection, the potential for hackers to execute arbitrary code on a base of infected computers increases. The scale and sophistication of attacks continues to march on, and much of the response has hinged on fighting fires as outbreaks pop up. Some worry that this explosion will change the very nature of advertising networks and how we view ads on the web.

A plague is out there

An ugly malvertising campaign on the website Realtor.com last week exploited unpatched systems, and this particular campaign is especially worrisome for one reason: It’s the latest in a string of attacks that don’t even require your click on a bogus advertisement to trigger an infection. Realtor.com gets an estimated 30 million visits a month, which means as many as a million people may have been exposed to the malware in a single day. According to the MalwareBytes blog, the payload in this case appeared to be the Bedep Trojan, which can hijack browsers and install ransomware. Yahoo, Forbes, YouTube, and other major websites join a lengthy list of companies that have been affected by these ads.

realtor_flow
MalwareBytes
MalwareBytes

Follow the flow this diagram and you’ll witness the appeal of spreading malware through these means. By all measurable information, the campaigns appear compelling and profitable — that’s why we’re seeing such see a concerted effort to produce convincing advertisements with products that appear genuine. The black market for the zero-day vulnerabilities implemented in these malvertising attacks also indicates investment and effort. The very placement of ads also incurs an operational cost.

Targeted infections

It’s also interesting to consider that the very same base of information that makes advertising targeted and personal has become the target for spreading specific malware. The parties behind this surge in malvertising have targeted ad networks and websites so far. It may be a matter of time only before they micro-target certain individuals within an organization or within government through these innovative techniques. Cyber security usually boils down to a race to find the point of least resistance — and the latest front may very well be malvertising.

The best way to deal with these threats is to keep your browser, plugins, and operating systems up to date. Always use an anti-virus product to protect your systems, and when required, use a malware tool to perform cleanups. let’s be safe out there, everyone.

Mobile

5G your old phone: HTC’s 5G Hub is now available for pre-order from Sprint

HTC almost made a phone. The HTC 5G Hub runs Android 9 Pie, has a Qualcomm 855 processor with the X50 modem, 4GB of RAM, and an HD touchscreen -- but it's a hot spot designed to connect to 5G networks.
Movies & TV

The best shows on Netflix right now (May 2019)

Looking for a new show to binge? Lucky for you, we've curated a list of the best shows on Netflix, whether you're a fan of outlandish anime, dramatic period pieces, or shows that leave you questioning what lies beyond.
Computing

Keep your kids safe online with these great parental control tools

The internet can be a dangerous place, especially for your loved ones. Check out our selection of the best free parental control software for Windows and MacOS, so you can monitor your child and block unsavory sites.
Home Theater

Sports-centric streaming service FuboTV adds entertainment, lifestyle channels

With the addition of Viacom channels, yet maintaining a big emphasis on sports, FuboTV could be exactly what you’re looking for in a streaming service. We’ve got everything you need to know about it right here.
Home Theater

Looking to cut cable? Here’s everything you need to know about Pluto TV

Pluto TV offers plenty of entertainment in a fashion similar to live internet TV services, only at no cost — you don’t even need to register. Too good to be true? Here’s everything you need to know.
Business

The 15 best tech jobs boast top salaries, high satisfaction, lots of openings

May may be coming to an end, but the bonanza of tech jobs just keeps coming. High paying jobs abound at companies where people love to work. If you’re not satisfied with your current situation or are ready to make a change, this is a…
Social Media

A fond farewell to Grumpy Cat, the internet’s most famous feline

We say farewell and fondly remember Grumpy Cat, the internet's famous frowning feline and a genuine sweetheart, who died at the age of seven. Even tempered and tolerant, Grumpy Cat was in real life the opposite of her online persona.
Social Media

Be the master of your own Insta-verse with multiple Instagram accounts

Whether you own a small business or have separate Instagram accounts for your five cats, we'll walk you through the process of switching between your multiple accounts on your Apple or Android devices.
Movies & TV

Tired of Netflix? Here's where to find free movies online, legally

We've spent countless hours digging around the web to find the best sites for streaming free movies online. Not only are all of these sites completely free to use, they're also completely legal and trustworthy.
Web

Gmail logs your purchase history, undermining Google’s commitment to privacy

Google has tried to portray itself as privacy-focused. But a new report shows Google tracks many of your online purchases, even if they are bought from a non-Google affiliated store like Amazon.
Computing

Whether you want to edit, sign, or append, PDFs, these are the best PDF editors

While there are plenty of PDF editor options online, finding a solution with the tools you need can be tough. Here are the best PDF editors for your editing needs, no matter your budget or operating system.
Web

Creators of WhatsApp attack software face lawsuit from Amnesty International

This week a spyware attack was launched on WhatsApp. Now the Israeli firm linked to that attack is facing a lawsuit from human rights NGO Amnesty International, alleging their software has been used to surveil human rights defenders.
Social Media

Millions of Instagram influencers reportedly had private data exposed online

As many as 49 million Instagram influencers have reportedly had their private data exposed in an online database that had no password protection. The database was apparently created by a marketing firm and has been taken offline.
Emerging Tech

Elon Musk thinks Starlink satellite internet could be online before 2021

Elon Musk's ultra-ambitious Starlink space internet project may take until November 2027 to be fully operational. However, some level of service could be offered as soon as next year.