Is the threat from continuous changing or mutating malware distributed through the online ad network adverts ( Unwanted Adware )displayed on the most popular domains Yahoo, Amazon and Youtube, Real ?
According to ESET, which makes its living by monitoring the Web and creating products to threats online, says that the threat is real. And the sites such as Yahoo, Amazon and Youtube do contribute to what ESET calls ‘Malvertising’. Hence the Online Ad threat on Yahoo, Amazon, YouTube is real,and an online user must safeguard himself/herself from becoming ‘Victims of Malvertising’.
The recent attack has been nicknamed Kyle and Stan, due to the naming scheme of the subdomains within the group – “stan.mxp2099.com” and “kyle.mxp2038.com”. These online ad malware is distributed via online advertising networks, basically by conning one of the large companies whose ads are seen on thousands of sites into forwarding an ad with a malicious payload.
The size of the attack is much larger than the 700 domains and nearly 10,000 users have hit these domains and been exposed to the malicious advertisements. This attack vector is not new, as the New York Times has previously fallen victim to a malvertising campaign – but that ‘Kyle and Stan’ takes a unique approach. The attack is extremely effective and delivers a unique malicious payload for every visitor, packaged with a legitimate media player, and a piece of malware which is tailored to each user.
How to cleanse your PC from unwanted adware and 10 Tips to avoid Unwanted Adware online
1. Enable ‘Potentially Unwanted Applications’: Which is usually provided all top antivirus providers
2. Diagnose the condition:
Spotting if you are infected is actually quite hard – If you ever see ads popping up on your desktop, or within apps other than your browser, or different sites appear than the one you expect when you type in a URL, you probably have a problem.
3. Check your bookmarks and favourites
Changing home pages, adding new bookmarks and favourites are all signs of adware. In this case, visit to Control Panel to see if new programs have appeared, and uninstall them.
4. Spring clean your browser
Ensure your browser is set up to block installation of extensions by default, and to block pop-up adverts, check your extension panel regularly, as a precaution. If you see programs you don’t recognize, kill them.
5. ‘Freeware’ is rarely a free lunch
Often adware is delivered as part of ‘free’ software, with your ‘consent’ to this buried deep within a licence agreement. Think hard about whether you really need software – and read reviews on other sites, not the owner’s before downloading.
6. Hard to kill – but worth it
If your PC has been around a while, uninstalling software can be a daunting task – there’s often pages of it. But adware can be killed. Look for publishers you don’t recognize, software whose name you don’t remember, but Google first before hitting the button. Some companies install ‘helper’ apps which are perfectly legitimate such as Apple’s Bonjour, which arrives alongside iTunes – so it pays to select targets carefully.
7. Actually read licensing agreements
Be careful with software that claims to be ‘free’ open the licensing agreement and search for words such as “information” and “advertising”. Read about the developer – and read reviews before installing. Intrusive adware usually causes a storm of internet fury, so if freeware does come with unwanted ‘passengers’, it’s often not hard to find out.
8. Toolbars are tools you don’t need
Not content with providing cybercriminals with many of the ‘entry points’ they use to attack PCs. Java also ‘offers’ users a toolbar for the unpopular search engine Ask, each time they install one of its many, many security updates. Untick this box. Ask is laden with far more adverts than Google. Toolbars often offer little service to the user bar ‘binding’ them to one search tool or email provider.
9. If your browser asks for permission for an app, read it
Both Chrome and Firefox will warn you if an app is installing an extension in your browser – don’t ignore these warnings. Adware is often installed this way, so read the warning, and if you don’t recognize or want the program, say no. This does not apply, however, to stealthy malware such as Boaxxe.32, which arrives in disguise, so it’s worth visiting extensions folder often.
10. Most anti-adware is, in fact, adware
The worst possible thing you can do is to search for ‘anti-adware’ software – the web is loaded with such ‘free’ software, most of which is adware, often worse than the adware you already have. There are some legitimate, and good, programs – PC Decrapifier does a good job but most such ‘free’ tools are traps, pure and simple.
11. Recognise Too Good for Real Offers
12. Don’t Roam in Web too much
Just like the Real world, there are both good places and bad places on Web as well.