Friday, August 14, 2015

The most popular websites are suffering a plague of ads which infect visitors

This summer will be remembered on the Internet not by a plague of mosquitoes but for malicious advertisements infected with virus as fearsome as "ransomware". The pest was first detected in Yahoo! and continues along the most visited Web sites. We'll also discuss about how they can monitore us while surfing the battery status of our phone, the serious problems of Android security and the true story of a company which managed to recover stolen money via Internet bribing police officers.

This summer we recommend to surf the net carefully. It is running a criminal operation which, since June, infects ads from websites with millions of visits such as Yahoo! or DrudgeReport. The malicious ads use HTTPS encryption to avoid detection. When they find a visitor with a vulnerable browser, they infect your computer with malicious code which can contain a "ransomware", the worst virus for users because it encrypts all files and demands a ransom. We recommend patching browsers and install ad-blocking programs.

Caught on battery

The height may be that these malicious ads also spy our navigation. They could do it with a new technique recently introduced by French and Belgian researchers: the HTML5 specification can read the status of the battery of our phones. From this, it could monitor where we are walking through our battery status as an element of identification.

Quo vadis, Android

Talking about mobile phones, who has a serious problem is Android and, by extension, Google: this summer will be remembered not only by the large number of cars which have been hacked in the congresses of hackers, but also because they have not stopped discovering failures in Android, failures that Google itself has not been able to properly manage, considering that the patch that brought to the most serious one, Stagefright, not worked and it was not even launched within 120 days that the Project Zero Google requires the others companies.

The cyber-bite

We finish with an interesting story brought by the journalist Brian Krebs, about a company which, via Trojan, stole $ 197,000. The bank declined to be responsible and the company investigated on its own until catching the authors in China. The police in that country would not act until a friendly lawyer, who lived in China, offered them cigarettes and take one "bite" if he could catch the bad guys.

We wish a good weekend to our readers, reminding them that on Sunday we'll publish our traditional interview, this time with the founder of RootedCON congress, Román Ramirez.


Post a Comment