Humaniq

Infected Ad Networks Are Spreading Bitcoin Ransomware

Various major online media outlets are currently spreading Bitcoin ransomware and other types of malware to website visitors. Among the culprits are AOL, BBC, and The New York Times, as their common ad network has come under attack by internet criminals by the look of things. Affected users may found themselves on the other side of a screen displaying a Bitcoin ransomware message very soon, and the number of potential infections is increasing every minute.

Also read: BTC38 Will Add A DASH/CNY Trading Pair

New Bitcoin Ransomware Attack Through Ad Networks

TheMerkle_Bitcoin Ransomware Ad Networks

Anyone who has visited the website of these mainstream hubs may have been exposed to malware and Bitcoin ransomware infections. Even though the number of reported infections remains incredibly low for the time being, there is a serious threat associated with these infections, as it appears major internet ad networks are affected.

The culprit for these infections is an exploit kit called Angler, which targets a wide variety of common Internet software tools embedded on websites and in advertisements, including Microsoft Silverlight and Adobe Flash. By infecting an undisclosed ad network, this toolkit has been able to infect computers all over the world, and it looks like the malware is spreading.

As is the case with any Bitcoin ransomware or sophisticated malware, it is very difficult for security solutions to pick up on these threats. One particular JSON file contains over 12,000 lines of code, which ensure the malware remains undetected by antivirus solutions. Once again, security experts and researchers will have to play catch-up with the malware threat.

Teslacrypt seems to be the Bitcoin ransomware variant of choice, which we have covered on this website extensively in the past. This is a particularly nasty type of ransomware which spread through an infected ad network a few years ago and claimed a fair amount of victims around the world. This new strain of Teslacrypt appears to be more sophisticated than its predecessor, though.

By the look of things, trouble started brewing last weekend when a large amount of malware attacks were reported, as they attacked the same publishing networks as mentioned above. It is impossible to guess how widespread this malware distribution reaches, as any major ad network could be compromised at this stage. The situation is a clear call for Internet users to install an ad blocker and avoid infection altogether.

Moreover, Internet users are advised to remove all third-party browser plugins and extensions except the ones that are needed. Even tools like Adobe Flash and Microsoft Silverlight should be disabled until this threat has been eliminated altogether. So far, only Windows users seem to be affected by this form of Bitcoin ransomware.

Source: Ars Technica

Images credit 1,2

If you liked this article follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin and altcoin price analysis and the latest cryptocurrency news.