Answers.com was the victim of a high-profile malvertising attack that spread across the internet in March 2016.
The attack infiltrated website visitors’ computers with a virus that can lock down a user’s computer and demand a ransom before releasing the computer’s hard drive data. Any user who attempts to deactivate the virus without paying the ransom is threatened by the prospect of losing access to their data forever.
This is at least the third malvertising attack on Answers.com in recent years. In February 2015, cybercriminals deployed malware that infected Answers.com for nearly two months before being detected. The malvertising attack was installed through Adobe Flash Player ads and affected not only Answers.com, but also the New York Daily News, HowtoGeek.com and the Huffington Post.
In the fall of 2015, Answers.com was hit again by a malvertising attack. This attack ran for approximately three-weeks before being detected by either Answers.com or the other victims. It was reported that the malvertising culprits posed as real advertisers for the website and then deployed their infected ads, which compromised millions of user’s computers.
What is Malvertising?
Malvertising is an insidious form of computer malware that has largely flown under the radar since it grew to prominence in 2014. It is very dangerous due to the way that it infects computers. Most computer viruses can be avoided with common sense rules that internet users have internalized by now, such as not clicking on bizarre advertisements or downloading files from spam emails. Malvertising bypasses these defenses by using advertisements that automatically load on a popular website to infect users.
For example, a popular website such as Answers.com usually uses an automated ad network to generate advertising revenue for their website. These advertisements may not be screened by the owners of Answers.com. Instead, the advertising network checks for security exploits and provides content that is appropriate for the demographic of the site. If a hacker is able to create an ad that looks normal, but secretly contains malvertising technology, that ad will infect users’ computers as soon as they load it on the website.
The Dangers of Malvertising
It is hard to protect yourself from a threat that you do not know exists. Most users would never dream that a “safe” website such as Answers.com could be a potential source of computer malware. This is exactly what happened earlier this week when one of the site’s advertisements was a corrupted malvertising ad which infected its users with the virus. The users did not actively download any files and therefore were not able to use the usual anti-malware scans to protect against it.
The Answers.com virus came from a new hacking tool called the Angler Exploit Kit. This kit is a compilation of tools which can be used to create the malicious advertisements that infected computers through Answers.com ads. The creators of the Angler Exploit Kit are continually updating the kit to stay ahead of anti-malware companies.
The Answers.com staff and its ad network partners were able to remove the malvertising from their site as soon as it was detected. In spite of the Angler team’s desire to continue to infect innocent users’ computers, major websites such as Answers.com will hopefully have the technical skills necessary to keep their sites from being exploited again in the future. Smaller sites without the same budget or technical know-how are still at risk for future attacks.
Protecting Yourself from Malvertising
People who want to stay safe from future attacks should keep all software on their computers updated to the most recent version. Most computer exploits target slightly out-of-date software. An example of this is older malware exploits targeting security holes in Adobe products. Computers kept up to date and scanned regularly for viruses will almost always stay ahead of these sorts of attacks.
It is unfortunate that the traditional rules of internet safety do not apply to malvertising. Due to its sneaky nature of infecting even the safest and most well-respected websites, there is not a lot you can do to avoid a cutting-edge malvertisement attack. The best way to prepare for this worst-case scenario is to back up your computer hard drive at least once a month. If you ever get infected with a bad virus, you can always use the backup to restore your computer to full health.