Web smut seekers take resurgent Ramnit malware from behind

Aficionados of salacious smut sites in the UK and Canada are picking up some nasty software that infects systems by using corrupted pop-under adverts. Security researchers at Malwarebytes Labs running a malware honeypot have started noticing a resurgence in the Ramnit trojan among the samples. Ramnit was a particularly …

  1. lglethal Silver badge
    Go

    When can we hold the ad firms responsible?

    So this came from an exoclicks ad. So anyone who was infected this way can start suing Exoclicks for compensation right? Or at the very least the cops will go after Exoclicks for failing to regulate their delivery, right?

    Didn't think so. But it's about time we got the ability to go after the scum (I mean the advertisers in this case) for not monitoring the ads they are serving. If they took 5 minutes to actually check what they're serving up, the Internet would be a much nicer place....

    1. K
      Pint

      Agreed,

      Ad firms should be forced to reverse proxy all ads and ensure content is scanned..

      This would make them much more careful, as not only would they be held accountable, the cost of bandwidth will force them to be more selective.

      Another benefit is it would be easier to block the ad distribution network..

  2. Prst. V.Jeltz Silver badge
    Paris Hilton

    how? flash? java? stupidity?

    " before loading the RIG exploit kit."

    so how exactly does this spread? some vulnerability in browsers or runtimes i should be worried about? or idiots clicking on nakedladys.exe?

    sorry if i missed it.

    1. imanidiot Silver badge

      Re: how? flash? java? stupidity?

      The answer to this is, yes...

      https://threatpost.com/inside-the-rig-exploit-kit/121805/

      It's a kit of a load of different types of exploits. As mentioned in the article, first stage is JavaScript code, so if you block that (NoScript is your friend as always it seems) the rest doesn't get a chance to get into play.

  3. illiad

    and adblockers and antivirus at the ready???? The GOOD AV will also test a website for 'reputation' as well as other nasty things..

    http://www.lmgtfy.com/?q=best%20antivirus

    1. imanidiot Silver badge

      The problem is that this sort of ad runs through an ad-slinger. So a "good reputation" website could still end up slinging ads. (Even the Chocolate Factory's ad networking has been known to sling malware).

      Time for ad networks (or their customers) to demand an end to all these ridiculous script slinging ads. There is no need for them.

      1. illiad

        you do know you can set and REPORT bad sites???

        ABP+ updates its filters every day - and a bad report means that ad firm LOSES its revenue...

  4. Anonymous Coward
    Facepalm

    JavaScript, Flash and VBscript pronged attack to blame for malware

    "At the heart of the RIG attack, researchers say, is a three-pronged attack strategy that leverages either a JavaScript, Flash, VBscript-based attacks as needed."

    What isn't mentioned is the desktop operating system required in order for this malware to successfully execute.

  5. Ropewash
    Meh

    Any Adbackers still out there?

    Not long ago on this very site a thread like this could be relied upon to bring in a few shills to remind us that without easily exploited advertising systems the whole internet would go bankrupt and collapse into fiery oblivion, dragging us all along with it. Any attempt to actually make anyone accountable was a grievous blow to the free market economy guaranteed to doom the entire world to an internet with zero content.

    (mild hyperbole)

    Anyone still feel like stepping up to defend these plague spreading rats?

    Anyone at all?

    I'll restate my stale, old opinion. Ads should go back to how they were long (not really that long) ago. The site that hosts the content hosts the ads and accepts responsibility for vetting them. No middleman, bullshit script linking. Until then my blocks on all ads, trackers and scripts remain fully enabled. Even if half the links I click show up totally blank, at least it's a safe(r) blankness.
