The Looming ‘WannaCry’ Malvertising Threat
May 24th, 2017 | By adops | Category: Ad OperationsWhat happens when a virulent ransomware worm turns to malicious ads as the main infection vector?
Unless you’ve been on vacation, you are already aware of Wannacry, the ransomware attack that spread around the world at breakneck speed and caused major chaos at businesses including Telefonica in Spain, Megafon in Russia, the National Health Service in the U.K, and Fedex in the United States.
The Ransomware ‘WannnaCry’
Wannacry, confirmed as the largest ransomware attack in history, combined the use of publicly available exploits with worm-spreading functionality to infect hundreds of thousands of Windows computers around the world.
The initial infection vector is still unknown but security experts believe it could have been done via drive-by downloads (malicious links on a site) or via e-mail phishing.
This attack was particularly virulent because it was built to infect unpatched Windows machines inside a local network. The worm works by scanning Local Access Network IP addresses looking for open SMB/445 port. When an open port is found, it delivers a publicly known exploit to continue the propagation.
MalwareTech map
How It was Contained
For the most part, the attack was contained because of what appears to be a mistake in the code that allowed independent researchers to register domains that acted as kill-switches. This helped to buy some time for Windows users to apply the MS17-010 (https://technet.microsoft.com/en-us/library/security/ms17-010.aspx) update to block the attacks.
Copycats Abound
However, security experts are warning that things will get worse, especially for online publishers that rely on third-party ad serving technology to handle rich media advertising on high-profile web sites.
We are already seeing signs of copycats using the WannaCry infection and spreading mechanisms to launch new ransomware attacks. There is a strong likelihood that the same exploitation techniques will be used in malvertising (malicious advertising) attacks.
As we have reported in the past, cybercriminals are already using online advertisements as a distribution mechanism for these types of attacks that infect computers and encrypt files, folders and important documents and demand ransom payments for file recovery keys. It is only a matter of time before ad-serving networks are under siege and online advertising is being used to redirect users to malicious sites or hijack the user’s connection to serve malware from exploit kits.
A Compromised Ad Ecosystem
Late last year, several publishers including the New York Times, AOL, MSN and the BBC had their ad-serving technologies hijacked simultaneously pushing poisoned ads to infect web surfers with ransomware. In those attacks, the publisher’s automated ad network was compromised to display malware-laced banner ads that automatically redirected to two malvertising servers, the second of which delivered a well-known exploit kit known as Angler.
The Angler kit is fitted with exploits for known vulnerabilities in dozens of software including web browsers, Adobe Reader, Adobe Flash and Microsoft Silverlight. As WannaCry proved, Windows users are extremely slow to apply patches and the public availability of newer exploits means that these exploit kits will be updated immediately to cause the most damage.
How to Protect Yourself & Your Users
Instead of waiting for the worst, publishers and networks should use specialized ad security and verification tools to maintain the sterility of the advertising served on their web pages. GeoEdge can automatically spot signs of suspicious activity and block malicious ads before they do damage to your users. Ask GeoEdge how we can help keep your site and users safe.
In addition, GeoEdge recommends that Windows users do the following:
• Immediately apply the patches available in Microsoft’s MS17-010 security bulletin. The attacks have been seen on all newer versions of Windows (especially Windows 7) so it’s mandatory that these patches are applied with the highest priority.
• Use firewalls to block TCP/445 traffic from untrusted systems and block 445 inbound to all internet-facing Windows systems.
• Be sure to back up all sensitive files and folders and store those back-ups offline. In the event of a ransomware infection, back-ups are the only foolproof way to recover without paying hefty ransoms.
GeoEdge is the premier provider of ad verification and transparency solutions for the online and mobile advertising ecosystem. The company ensures high ad quality and verifies that sites and apps offer a clean, safe, and engaging user experience.
http://www.blog.geoedge.com/single-post/2017/05/23/The-Looming-%25E2%2580%2598WannaCry%25E2%2580%2599-Malvertising-Threat
Great – I should definitely pronounce, impressed with your site. I had no trouble navigating through all tabs as well as related information ended up being truly easy to do to access. I recently found what I hoped for before you know it in the least. Reasonably unusual. Is likely to appreciate it for those who add forums or anything, site theme . a tones way for your client to communicate. Nice task.
wonderful issues altogether, you simply received a new reader. What might you suggest in regards to your post that you just made some days ago? Any certain?
Appreciating the dedication you put into your website and detailed information you provide. It’s good to come across a blog every once in a while that isn’t the same outdated rehashed material. Fantastic read! I’ve saved your site and I’m adding your RSS feeds to my Google account.
Google
Sites of interest we’ve a link to.
MEYD 532
[…]check beneath, are some completely unrelated internet sites to ours, on the other hand, they are most trustworthy sources that we use[…]
http://thefrenchsupply.com
[…]below you will find the link to some web sites that we consider you must visit[…]
Stripping and resealing floors
[…]one of our guests not long ago encouraged the following website[…]
Zion
[…]although internet sites we backlink to below are considerably not related to ours, we feel they are truly worth a go via, so possess a look[…]
Bitdefender crack
[…]very couple of web-sites that transpire to be detailed below, from our point of view are undoubtedly nicely really worth checking out[…]
mario cartridges
[…]below youll obtain the link to some web pages that we consider you need to visit[…]
Macys Insite
[…]Sites of interest we’ve a link to[…]
bondage toys for couples
[…]Here is a good Weblog You might Obtain Intriguing that we Encourage You[…]
exotic cartridges
[…]the time to read or pay a visit to the content material or web pages we’ve linked to beneath the[…]
I simply want to mention I am very new to blogging and site-building and actually liked your web blog. Likely I’m going to bookmark your blog . You absolutely come with wonderful well written articles. Thanks a lot for sharing with us your web page.
https://financehelper.net/
[…]Every after inside a when we opt for blogs that we read. Listed below would be the most current websites that we decide on […]
Thanks, I have recently been searching for information about this subject for a long time and yours is the best I’ve came upon so far. But, what concerning the bottom line? Are you sure concerning the supply?
Super-Duper blog! I am loving it!! Will come back again. I am taking your feeds also
Wow, wonderful blog layout! How long have you been blogging for? you make blogging look easy. The overall look of your website is great, as well as the content!
I am constantly looking online for tips that can aid me. Thx!
Yeah bookmaking this wasn’t a bad determination great post! .
SEO Vancouver
[…]that could be the finish of this report. Right here you will come across some web-sites that we believe you will enjoy, just click the links over[…]
Whats up very cool site!! Man .. Beautiful .. Amazing .. I’ll bookmark your website and take the feeds also…I’m satisfied to search out so many useful information here within the put up, we want develop more techniques in this regard, thank you for sharing. . . . . .
Wow! This could be one particular of the most helpful blogs We have ever arrive across on this subject. Basically Great. I’m also an expert in this topic therefore I can understand your effort.
Perfect piece of work you have done, this website is really cool with good info .
I am not positive where you’re getting your information, but good topic. I must spend some time studying more or figuring out more. Thank you for fantastic information I used to be in search of this information for my mission.
You really make it seem so easy with your presentation but I find this topic to be actually something that I think I would never understand. It seems too complex and extremely broad for me. I’m looking forward for your next post, I’ll try to get the hang of it!
As a Newbie, I am continuously browsing online for articles that can help me. Thank you
PPPD 792
[…]check below, are some entirely unrelated web sites to ours, on the other hand, they are most trustworthy sources that we use[…]
I loved as much as you’ll receive carried out right here. The sketch is attractive, your authored material stylish. nonetheless, you command get bought an edginess over that you wish be delivering the following. unwell unquestionably come more formerly again as exactly the same nearly very often inside case you shield this increase.
link alternatif joker123
[…]The info mentioned inside the report are several of the best out there […]
online shopping challenge
[…]usually posts some incredibly exciting stuff like this. If youre new to this site[…]
pc games for windows 7
[…]The information talked about inside the article are some of the very best obtainable […]
pc games for windows 10
[…]although web sites we backlink to beneath are considerably not related to ours, we really feel they are really worth a go as a result of, so possess a look[…]
apps for pc
[…]one of our guests not long ago recommended the following website[…]
This makes me think of the other page here I saw earlier
beginner strap on
[…]very few internet sites that take place to be comprehensive beneath, from our point of view are undoubtedly effectively worth checking out[…]
Definitely, what a fantastic website and informative posts, I definitely will bookmark your site.Best Regards!
CAWD-010
[…]usually posts some quite fascinating stuff like this. If youre new to this site[…]
Hello! I could have sworn I’ve been to this blog before but after browsing through some of the post I realized it’s new to me. Anyways, I’m definitely happy I found it and I’ll be book-marking and checking back frequently!
Do you have a spam problem on this site; I also am a blogger, and I was curious about your situation; we have developed some nice procedures and we are looking to swap methods with other folks, why not shoot me an e-mail if interested.
You made some nice points there. I did a search on the issue and found most people will agree with your website.
sewa led
[…]Here are some of the web-sites we suggest for our visitors[…]
There is evidently a lot to identify about this. I believe you made various good points in features also.
عرب نار
[…]here are some links to web pages that we link to mainly because we feel they are really worth visiting[…]
Thank you for sharing with us, I believe this website really stands out : D.
I really like meeting useful info, this post has got me even more info! .
I really appreciate this post. I have been looking all over for this! Thank goodness I found it on Bing. You’ve made my day! Thanks again!
adam and eve dildo review
[…]check below, are some absolutely unrelated internet websites to ours, nonetheless, they are most trustworthy sources that we use[…]
Sweet blog! I found it while searching on Yahoo News. Do you have any suggestions on how to get listed in Yahoo News? I’ve been trying for a while but I never seem to get there! Many thanks
I likewise think therefore, perfectly indited post! .
video game key
[…]that will be the finish of this article. Here you will come across some web-sites that we feel youll value, just click the links over[…]
thrusting rabbit toy
[…]although websites we backlink to below are considerably not connected to ours, we feel they’re really really worth a go by, so have a look[…]
mywegmans
[…]The information mentioned within the post are several of the very best offered […]
The next time I read a blog, Hopefully it won’t fail me as much as this particular one. I mean, I know it was my choice to read, nonetheless I truly believed you would probably have something useful to talk about. All I hear is a bunch of crying about something that you can fix if you weren’t too busy seeking attention.
Thc vape juice
[…]Wonderful story, reckoned we could combine a few unrelated data, nonetheless definitely really worth taking a search, whoa did a single learn about Mid East has got far more problerms also […]
Aw, this was an incredibly good post. Spending some time and actual effort to make a very good article… but what can I say… I procrastinate a lot and don’t seem to get anything done.
free download for windows 10
[…]we came across a cool website that you just could get pleasure from. Take a appear if you want[…]
free laptop games download
[…]The facts talked about within the article are some of the top accessible […]
celebrity pussy
[…]here are some hyperlinks to web-sites that we link to since we feel they may be worth visiting[…]
free games download for windows 8
[…]the time to study or stop by the content material or web sites we have linked to below the[…]
website developer in delhi
[…]Here is a good Weblog You may Discover Fascinating that we Encourage You[…]
Howdy! I just want to give you a big thumbs up for the great information you have here on this post. I am returning to your website for more soon.
MIDE-685
[…]Here are some of the web pages we advise for our visitors[…]
just what I needed to read
I’m amazed, I have to admit. Rarely do I encounter a blog that’s equally educative and amusing, and let me tell you, you have hit the nail on the head. The problem is something which too few men and women are speaking intelligently about. I am very happy that I came across this during my hunt for something concerning this.
https://legal-porno.blogspot.com/2019/05/serial-strangler.html
free download for windows 7
[…]please take a look at the sites we stick to, like this 1, as it represents our picks through the web[…]
pc games for windows 7
[…]Wonderful story, reckoned we could combine a handful of unrelated information, nonetheless seriously worth taking a appear, whoa did one master about Mid East has got more problerms also […]
apps for pc download
[…]Here is a great Weblog You may Come across Intriguing that we Encourage You[…]
pc app free download
[…]please take a look at the sites we adhere to, which includes this one particular, as it represents our picks from the web[…]
How can I get more useful info?
online vape shop
[…]here are some links to sites that we link to due to the fact we believe they’re really worth visiting[…]
diamonds west vancouver (800) 590-4347
[…]we came across a cool internet site that you may take pleasure in. Take a look in case you want[…]
ABP-905
[…]one of our guests not too long ago proposed the following website[…]
It’s actually a great and useful piece of info. I am glad that you shared this helpful information with us. Please keep us informed like this. Thanks for sharing.
pleasure ring for men
[…]the time to study or go to the material or web sites we have linked to below the[…]
animal porn child porn buy hacklink porn
watch repair
[…]Wonderful story, reckoned we could combine some unrelated data, nevertheless really really worth taking a look, whoa did 1 discover about Mid East has got more problerms too […]
buy hacklink animal porn google buy hacklink
Smm panel russia
[…]just beneath, are several completely not connected websites to ours, nonetheless, they’re surely worth going over[…]
app download for windows 7
[…]always a major fan of linking to bloggers that I appreciate but dont get lots of link love from[…]
free download for windows 7
[…]just beneath, are many completely not connected internet sites to ours, even so, they’re certainly worth going over[…]
Real exotic cartridges
[…]Wonderful story, reckoned we could combine a handful of unrelated data, nonetheless definitely worth taking a search, whoa did 1 discover about Mid East has got more problerms as well […]
google buy hacklink animal porn
canlı sikiş izle crovu canlı porno
Awesome write-up. I’m a normal visitor of your website and appreciate you taking the time to maintain the nice site. I’ll be a regular visitor for a long time.
app for pc download
[…]check below, are some entirely unrelated sites to ours, nonetheless, they may be most trustworthy sources that we use[…]
vibrating butt beads
[…]Here is a great Blog You may Discover Fascinating that we Encourage You[…]
Some really interesting information, well written and broadly user pleasant.
viagra
[…]check below, are some completely unrelated websites to ours, however, they are most trustworthy sources that we use[…]
apk for windows pc download
[…]very few websites that come about to be comprehensive below, from our point of view are undoubtedly nicely worth checking out[…]
Müşterilerimizi hedeflerine ulaştırabilmek için her zaman yenilikçi çözümler üretiyoruz.
propidren
[…]always a large fan of linking to bloggers that I adore but really don’t get a lot of link adore from[…]
anal porn child porn animal porn buy hacklink
anal porn child porn animal porn buy hacklink
apps apk download for pc
[…]Every after inside a whilst we select blogs that we read. Listed below would be the latest web sites that we pick […]
google buy hacklink animal porn anal porn sex
app for pc download
[…]Here is an excellent Blog You may Uncover Exciting that we Encourage You[…]
I have read a few good stuff here. Definitely value bookmarking for revisiting. I wonder how a lot attempt you set to make this type of great informative web site.
I blog frequently and I genuinely thank you for your information. This great article has really peaked my interest. I will bookmark your blog and keep checking for new information about once a week. I opted in for your Feed as well.
pc apk free download
[…]always a big fan of linking to bloggers that I enjoy but really don’t get a whole lot of link like from[…]
porn
[…]that may be the end of this post. Right here you will obtain some web sites that we think you will appreciate, just click the hyperlinks over[…]
hi!,I like your writing very much! percentage we be in contact extra about your article on AOL? I require an expert in this space to resolve my problem. Maybe that’s you! Having a look forward to see you.
hacklink buy anal porn sex animal porn child
I discovered your blog site on google and verify just a few of your early posts. Continue to maintain up the very good operate. I simply further up your RSS feed to my MSN News Reader. In search of ahead to studying more from you later on!
hacklink buy anal porn sex animal porn child
Some truly nice stuff on this website , I enjoy it.
cialis
[…]one of our guests not too long ago suggested the following website[…]
stopoverdoseil.org
[…]very handful of internet websites that take place to become detailed below, from our point of view are undoubtedly nicely worth checking out[…]
vibrator
[…]usually posts some very intriguing stuff like this. If you are new to this site[…]
hacklink buy anal porn sex animal porn child
hacklink buy anal porn sex animal porn child
Hello.
Where I can download XEvil for free on your website?
Got information from your Support. XEvil is really the best program for captcha solving, but I need latest version of it.
Thanks.
Some truly prime content on this internet site, saved to my bookmarks.
Thanks for ones marvelous posting! I definitely enjoyed reading it, you may be a great author.I will ensure that I bookmark your blog and definitely will come back very soon. I want to encourage one to continue your great job, have a nice weekend!
convertidor mp3 mp4
[…]we prefer to honor several other net web pages around the web, even if they arent linked to us, by linking to them. Beneath are some webpages worth checking out[…]
drywallers Vancouver
[…]always a significant fan of linking to bloggers that I adore but do not get a whole lot of link like from[…]
male masturbator
[…]Wonderful story, reckoned we could combine several unrelated data, nevertheless genuinely worth taking a look, whoa did 1 learn about Mid East has got more problerms also […]
This is a very good tip particularly to those fresh to the blogosphere. Simple but very precise info… Appreciate your sharing this one. A must read article.
Simply a smiling visitor here to share the love (:, btw great design and style.