Malvertising Cyber Attack Hits Gumtree

A recent malvertising attack delivered computer malware to the users of Gumtree, Australia’s largest classified ads website.

This malware was automatically downloaded to users’ computers through seemingly normal advertisements for a local law firm. This law firm was not aware that hackers had stolen their identity and used it in false advertisements, which compromised the integrity of Gumtree’s ad network and, in turn, exposed their users to a dangerous computer virus.

A Brief History of Malvertising

Malvertising has stayed under the radar despite its increasing prevalence over the last few years. The first major instance of malvertising was an advertisement that snuck onto the New York Times website in 2009. Any user who clicked the seemingly safe advertisement was exposed to a computer virus. In 2011 a new method for malvertising was developed which did not require website visitors to click the ad. As soon as the ad loaded, even if never clicked, the malware would attempt to infect the user’s system. Spotify was the first victim of this hack.

The computer virus that recently spread to Gumtree originates in early 2015’s “Kovter” virus. Kotver infiltrated a variety of popular websites including The Huffington Post, FHM, and LA Weekly. This malware installed itself onto users’ computers and then completely blocked them from accessing any computer data until a ransom was paid. This ransom ranged from $300 to $500.

The Recent Gumtree Hack

The malvertising attack that targeted Gumtree’s users is an updated version of the Kovter virus which utilizes the Angler Exploit Kit. This hacker tool is an active threat to everybody on the internet and is continually being updated as the hackers attempt to exploit new security flaws in computer software. The malware displays a message in which the user is told they cannot use their computer until a ransom is paid. Any attempts to disable the virus without paying the ransom could result in the permanent loss of all data.

Gumtree was not alone in being hit with this attack. Other popular sites targeted by the malvertising include The New York Times,, and MSN. The exploit was spread through popular advertising networks and therefore slipped under the radar of most sites’ security protocols. After the exploit was discovered, it was quickly patched and these websites were restored to their formerly secure state.

Staying Safe

Malvertising attacks spread to any computer which visits a website with the dangerous ad. Users do not need to click the ad to be infected. This means that older forms of virus protection software may not be sufficient to avoid an infection from this type of computer malware.

It is important to follow the best practices for computer safety to avoid losing your data to hackers. The best way to stay safe is to maintain a regular backup of your computer hard drive. Backing up your data on a weekly basis will keep you safe from the most malicious attacks, because you can always restore your data to an older version. Even if your computer is fully compromised, hackers can do nothing to hurt you if you have an older version of your data locked away.

An overlooked aspect of computer safety, but no less important, is keeping all of your computer programs and plugins up to date. Outdated Abobe plugins are the most common way for hackers to infect your computer. Other old software can be similarly unsafe. If you keep your computer updated, perform regular hard drive backups, and don’t visit strange websites, you will be able to stay safe from even the worst computer viruses.

Have You Been Hacked?

*Cyber breach data provided by Have I Been Pwned

Enter your email or username to see if your information was compromised.

Have You Been Hacked?