The Huffington Post, Yahoo News, AOL, Match, Weather, TMZ and many other Web sites have been hit with malicious advertising. Security researchers at Malwarebytes Labs found the bug. In aggregate, the affected sites reach about 1.5 billion Web visitors, per the online security firm.
The mainstream Web sites, ad networks and foxbusinss.com get redirected to a landing page infected with malware advertising. The ad networks affected include advertising.com, adtech.de, and googlesyndication.com. The malware advertising attacks occur on several high-level domains.
Malware will remain one of the top threats this year. We're not even two weeks into the 2015, and this is the second major attack in the new year. Earlier this week, Nick Bilogorskiy, director of security research at Cyphort, reported a new campaign wreaking havoc on sites generating Internet traffic. The company's logs show the attacks began in late October.
Advertisements running on Huffington Post in Canada were infected with malware advertising after hosting ads from AOL's ad network, advertising.com. The landing page served an exploit kit. The site visitor was bounced from one site to another, and some were HTTPS encrypted. "Interestingly attackers used a mix of HTTP and HTTPS redirects to hide the servers involved in this attack," Bilogorskiy wrote. "The HTTPS redirector is hosted on a Google App Engine page. This makes analysis based on traffic PCAPs more difficult, because HTTPS traffic is encrypted."
The script tried to downloaded a Trojan onto the Web site visitor's computer. Since Cyphort found the malware advertisements have been spotted on many more sites such as FTM, Houston Press, The Indy Channel, Game Zone, and Weather Bug.
FireEye, a computer security analysis and consulting firm, released Thursday a new study detailing how most companies are more vulnerable than they may think. Malware is more pervasive and much more harmful today than in the past.