A ray of hope in the fight against malvertising

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.

A new service offers to keep all your Web browsing on its servers. It could be the answer, despite the risks of contracting with a startup.

I recently wrote about how the Angler malware threat had affected my company. Adversaries have been buying space on legitimate advertising banner services, embedding malware in their fake ads, and using the unsuspecting ad agencies to serve their malware through legitimate websites to users, who might be innocently browsing major news and financial websites. It continues to be a problem for me.

Today, for example, I got an alert about an infection attempt via a training website. I’m also seeing an increasing number of Angler infection attempts coming via Web searches. The malware-bearing search results all look the same: seemingly random text from some old book, probably some classic of literature, that doesn’t make any sense in the context of the Web search. That doesn’t matter, though; it’s just there to serve up malware to any unsuspecting users who click on the search result. One of my users was hit yesterday while trying to find a hiking website in India.

I used to think my life would be much easier if I could just put a stop to personal Web surfing from my company’s network. But that was before legitimate Web browsing, such as checking financial news or even using a work-related training website, started serving up tainted advertisements. Of course, it never would have been feasible to block non-work-related activity, but now it wouldn’t even solve the problem. I certainly can’t block every website that has now become a threat.

To continue reading this article register now

Join the discussion
Be the first to comment on this article. Our Commenting Policies