TMZ have been serving the Angler exploit kit to its 30 million monthly visitors. Readers of the gossip rag are exposed to the Angler exploit kit, which loads malware capable of data theft, kickstarts ransomware including the horrid Cryptowall, and seeks out all possible vulnerabilities to exploit. TMZ are just one in a row of publications that have had their banner ad system compromised, most recently the Rotten Tomatoes, Jerusalem Post have been victims of this ongoing "malvertising" campaign.
Rogue advertisers are increasingly able to defeat various ad networks which is not good news for publishers and their visitors. It means more booby trapped ads will be delivering malware on people’s computers via drive-by download attacks.
As always, this malvertising campaign we uncovered goes through multiple layers and ultimately redirects to a domain that belongs to ad platform SmartyAds. Rogue actors are leveraging SmartyAds by creating fake identities and legitimate looking websites which hide a complex infrastructure of conditional traffic redirection.
The ad networks affected are ContextWeb and Smartyads. "The malicious ad only cost $0.19 for one thousand user impressions (CPM), highlighting how cheap and effective malvertising can be." With your computer infected, your bank account can be found, your credit cards, your personal information, your email, passwords and so on. Think of how much of your personal data is inside every device you use. Should you really be letting ad banners put your personal data at risk? This is a security issue, ad block now.