The Economist infects readers with malware - via third party anti-adblocker

As ironic as it is embarrassing, the Economist has unwittingly infected their readers with malware, due to using a third-party analytics to detect readers using ad-blockers. People tend to use ad blockers to protect not only their privacy, but their computers as banner ad distributed malware has been rampant for a decade now. (see previously: March 2007, Dec 2007, Sept 2008, google itself caught up in it April 2015 etc). More recently the war between ads and ad blockers has heated up as publishers feel the squeeze when banners are no longer seen. Some publishers, like Techdirt, opted for simply asking their readers to turn off ads, while others like the Economist relied on Pagefair for analytics, but you can also use it as an adblock-friendly revenue stream.

The Third party Pagefair, is an analytics system & adblock detector that can be used to direct your readers to a subscription model, or show adblock friendly ads. Pagefair was hacked on Halloween by a trojan that masqueraded as an Adobe Flash update. For 83 minutes, 501 publishers using Pagefair were unwittingly spreading the malware.

The Economist has posted this apology and alert to readers to clean their PC's. "Oct. 31, 23:52 GMT and Nov. 1, 01:15 GMT, using Windows OS and you do not have trusted anti-virus software installed, it is possible that malware, disguised as an Adobe update, was downloaded onto your PC." Key words, "trusted anti-virus software" - these are the only players who are winning in this ever escalating tech war between advertisers and publishers, trolls and hackers.


Update, the Economist has reached out to us and wanted to publish this statement, which is a much saner one than the linked one that recommended you "change all passwords" as step one, then run an anti-virus. If you're infected by a keylogger, as explained in this statement below, your new passwords would fall into the hands of the hackers if you did it in that order.

On Oct. 31, 2015, one of economist.com’s vendors, PageFair, was hacked, affecting 501 of its publishing clients, including us. We know that the issue lasted 83 minutes before it was resolved by PageFair. We were informed on Monday morning that this had happened. We obtained a copy of the malware from PageFair in order to analyze it independently.

The specialist company we engaged, Tempest, informed us the software is a keylogger – a type of surveillance software that has the capability to record every keystroke made by someone who has downloaded the malware – and this may compromise a user’s personal data such as passwords and bank and credit card details. We have now taken action to inform visitors to economist.com via this page. Please note that economist.com’s own systems have not been compromised; therefore any data we hold on our customers remains secure.

The Economist takes cybersecurity extremely seriously and strives to maintain the highest level of protection for our customers.

Comments (3)

  • Mike Masnick 's picture
    Mike Masnick (not verified)

    We have never asked anyone to turn off their ad blocker. Not sure why we're listed as having done so. We went the other direction and have said we encourage people to use ad blockers and made it even easier by letting users turn off their own ads.

    Nov 08, 2015
  • fairuse's picture
    fairuse

    I have a paranoid streak that automatically goes off when a site offers to "help me". Ad block software makes me itchy for several security reasons, such as described in article. if a web page goes bonkers with Flash based video ads I turn off plugins. if the web page is a mess of daisy chained refresh ads I kill javascript. I have seen ads killing layout (hello Google) for so long I don't notice what message the banner, clickbait url and other annoy me please popovers, mostly on mobile, are pushing.

    I guess I'm easily distracted.

    Nov 08, 2015
  • sport's picture
    sport

    I've uninstalled flash on most browsers that I use for daily surfing, and find the web is a much better place without it. Adland works perfectly fine without flash, that's a plus. Noscript can cause a lot of issues on sites unrelated to their banner ads, but it's useful and you can whitelists sites.

    Nov 08, 2015

Leave a comment

about the author

Dabitch Creative Director, CEO, hell-raising sweetheart and editor of Adland. Globetrotting Swede who has lived and worked in New York, London, San Francisco, Amsterdam, Copenhagen and Stockholm after growing up in Kiruna, Raleigh and Jiddah.