The Economist infects readers with malware - via third-party anti-adblocker

As ironic as it is embarrassing, the Economist has unwittingly infected its readers with malware by using a third-party analytics service to detect readers using ad blockers. People tend to use ad blockers to protect not only their privacy but also their computers, as malware distributed through banner ads has been rampant for a decade now (see previously: March 2007, Dec 2007, Sept 2008, Google itself caught up in it April 2015, etc.). More recently the war between ads and ad blockers has heated up as publishers feel the squeeze when banners are no longer seen. Some publishers, like Techdirt, opted for simply asking their readers to turn off ads, while others, like the Economist, relied on Pagefair for analytics; Pagefair can also be used as an adblock-friendly revenue stream.

Pagefair, the third party, is an analytics system and adblock detector that can be used to direct readers to a subscription model or to show adblock-friendly ads. Pagefair was hacked on Halloween by a trojan that masqueraded as an Adobe Flash update. For 83 minutes, 501 publishers using Pagefair were unwittingly spreading the malware.

The Economist has posted this apology and alert to readers to clean their PCs. "Oct. 31, 23:52 GMT and Nov. 1, 01:15 GMT, using Windows OS and you do not have trusted anti-virus software installed, it is possible that malware, disguised as an Adobe update, was downloaded onto your PC." Key words: "trusted anti-virus software" - these are the only players who are winning in this ever-escalating tech war between advertisers and publishers, trolls and hackers.


Update: the Economist has reached out to us and wanted us to publish this statement, which is a much saner one than the linked one that recommended you "change all passwords" as step one, then run an anti-virus. If you're infected by a keylogger, as explained in the statement below, your new passwords would fall into the hands of the hackers if you did it in that order.

On Oct. 31, 2015, one of economist.com’s vendors, PageFair, was hacked, affecting 501 of its publishing clients, including us. We know that the issue lasted 83 minutes before it was resolved by PageFair. We were informed on Monday morning that this had happened. We obtained a copy of the malware from PageFair in order to analyze it independently.

The specialist company we engaged, Tempest, informed us the software is a keylogger – a type of surveillance software that has the capability to record every keystroke made by someone who has downloaded the malware – and this may compromise a user’s personal data such as passwords and bank and credit card details. We have now taken action to inform visitors to economist.com via this page. Please note that economist.com’s own systems have not been compromised; therefore any data we hold on our customers remains secure.

The Economist takes cybersecurity extremely seriously and strives to maintain the highest level of protection for our customers.