Malvertising Hits ‘The Daily Mail,’ One of the Biggest News Sites on the Web
Daily Mail readers in danger of downloading ransomware
The internet is a dangerous place, so much so that browsing popular news websites can lead to your computer automatically being infected with malware, without you even noticing.
The latest victim is perhaps one of the biggest targets yet: The Daily Mail website, which apparently has around 156 million monthly visitors.
The attack was discovered by researchers at MalwareBtyes, and is part of a previous malvertising campaign affecting the Microsoft Azure ad network, which was uncovered by the same researchers earlier this year.
In this case, malvertising on the Daily Mail was redirecting victims to the Angler exploit kit. This particular kit has been used to deliver ransomware, which locks down a target’s computer until they cough up a hefty fine, as well as banking trojans, designed to siphon off financial information.
Last week, researchers announced they had taken down a significant part of the Angler exploit kit ecosystem. One group of hackers was reportedly making up to $30 million a year from using it.
Over the past few months, a clear trend of malvertising targeting news sites has emerged too. In December 2014 and then August of this year, the Huffington Post was inadvertently infecting its readers. Yahoo was hit in the summer, and then just last month Forbes fell victim to an attack too.