Web

Realtor.com the latest victim of malvertising plague

malvertising realtor com malware
Andrey_Popov/Shutterstock
It’s not a new threat on the scene, but it’s still dangerous — and malvertising on the web is on the rise.

Malvertising is the spread of malware through online advertising, and it’s pretty ugly. It’s especially prescient as ads on the web have been challenged by a number of technical factors in browsers, the progressive changeover to HTML5 from Flash technology, and the emergence of app blockers in places like the Apple App Store.

In recent years, the spread of malware transmitted through ads has grown exponentially, by some estimates quadrupling in size from year to year. The threat is major, and with every malvertising infection, the potential for hackers to execute arbitrary code on a base of infected computers increases. The scale and sophistication of attacks continues to march on, and much of the response has hinged on fighting fires as outbreaks pop up. Some worry that this explosion will change the very nature of advertising networks and how we view ads on the web.

A plague is out there

An ugly malvertising campaign on the website Realtor.com last week exploited unpatched systems, and this particular campaign is especially worrisome for one reason: It’s the latest in a string of attacks that don’t even require your click on a bogus advertisement to trigger an infection. Realtor.com gets an estimated 30 million visits a month, which means as many as a million people may have been exposed to the malware in a single day. According to the MalwareBytes blog, the payload in this case appeared to be the Bedep Trojan, which can hijack browsers and install ransomware. Yahoo, Forbes, YouTube, and other major websites join a lengthy list of companies that have been affected by these ads.

realtor_flow
MalwareBytes
MalwareBytes

Follow the flow this diagram and you’ll witness the appeal of spreading malware through these means. By all measurable information, the campaigns appear compelling and profitable — that’s why we’re seeing such see a concerted effort to produce convincing advertisements with products that appear genuine. The black market for the zero-day vulnerabilities implemented in these malvertising attacks also indicates investment and effort. The very placement of ads also incurs an operational cost.

Targeted infections

It’s also interesting to consider that the very same base of information that makes advertising targeted and personal has become the target for spreading specific malware. The parties behind this surge in malvertising have targeted ad networks and websites so far. It may be a matter of time only before they micro-target certain individuals within an organization or within government through these innovative techniques. Cyber security usually boils down to a race to find the point of least resistance — and the latest front may very well be malvertising.

The best way to deal with these threats is to keep your browser, plugins, and operating systems up to date. Always use an anti-virus product to protect your systems, and when required, use a malware tool to perform cleanups. let’s be safe out there, everyone.

Computing

Chrome’s dark mode may cast its shadow over Macs by early 2019

By early 2019 Google may release a version of Chrome for Mac users that offers a Dark Mode feature to match MacOS Mojave's recent darkening.
Movies & TV

The best shows on Netflix, from 'Haunting of Hill House’ to ‘Twilight Zone’

Looking for a new show to binge? Lucky for you, we've curated a list of the best shows on Netflix, whether you're a fan of outlandish anime, dramatic period pieces, or shows that leave you questioning what lies beyond.
Computing

With 20,000 sites swallowed up, a botnet is eating WordPress alive

A botnet of infected WordPress sites has been attacking other WordPress sites, generating up to five million malicious logins on certain WordPress backends within the last thirty days.
Computing

These are the 5 best free antivirus apps to protect your MacBook

Malware protection is more important than ever, even if you eschew Windows in favor of Apple's desktop platform. Thankfully, protecting your machine is as easy as choosing from the best free antivirus apps for Mac suites.
Computing

Edit, sign, append, and save with six of the best PDF editors

There are plenty of PDF editors to be had online, and though the selection is robust, finding a solid solution with the tools you need can be tough. Here, we've rounded up best PDF editors, so you can edit no matter your budget or OS.
Computing

How to easily record your laptop screen with apps you already have

Learning how to record your computer screen shouldn't be a challenge. Lucky for you, our comprehensive guide lays out how to do so using a host of methods, including both free and premium utilities, in both MacOS and Windows 10.
Web

Google Translate updated to reduce gender bias in its translations

Google is changing how Google Translate offers translations. Previously when you entered a word like doctor, Translate would offer a masculine interpretation of the word. Now, Translate will offer both masculine and feminine versions.
Computing

From beautiful to downright weird, check out these great dual monitor wallpapers

Multitasking with two monitors doesn't necessarily mean you need to split your screens with two separate wallpapers. From beautiful to downright weird, here are our top sites for finding the best dual monitor wallpapers for you.
Web

Encryption-busting law passed in Australia may have global privacy implications

Controversial laws have been passed in Australia which oblige tech companies to allow the police to access encrypted messages, undermining the privacy of encryption with potentially global effects.
Web

Can Microsoft’s Airband Initiative close broadband gap for 25M Americans?

A new report from the Federal Communications Commission (FCC) says that 25 million Americans do not have access to broadband internet. Of these, more than 19 million are living in rural communities. Can Microsoft help out?
Computing

Microsoft’s Chromium Edge browser may be adding your Chrome extensions

Fans sticking to Google Chrome because due to its vast extension library might be able to switch over to Microsoft's latest iteration of Edge, as a project manager confirms that the company has its eyes on Chrome extensions.
Computing

If you've lost a software key, these handy tools can find it for you

Missing product keys getting you down? We've chosen some of the best software license and product key finders in existence, so you can locate and document your precious keys on your Windows or MacOS machine.
Computing

Google+ continues to sink with a second massive data breach. Abandon ship now

Google+ was scheduled to shut its doors in August 2019, but the second security breach in only a few months has caused the company to move its plan forward a few months. It might be a good idea to delete your account sooner than later.
Social Media

‘YouTube Rewind 2018’ is about to become its most disliked video ever

YouTube is about to achieve a record it really doesn't want — that of "most-disliked video." Yes, its annual recap of featuring popular YouTubers has gone down really badly this year.