MSN home page spreads malware via malicious ad

MsnAre you blocking online ads yet?

Perhaps you should.

The likes of Forbes and Yahoo Mail are reportedly trying to block access to users who are running ad blockers. But it's an argument that is losing ground as more and more internet users find their computers are compromised by malvertising.

According to security firm MalwareBytes, the latest high profile site to be found spreading malware to its visitors via dodgy ads is MSN.

As researcher Jerome Segura reports, the attack appears to have been primarily focused on German users - posing as an ad for the cheap-and-cheerful supermarket chain Lidl.

MSN malvertising

Segura says that he saw the malicious ads serving up the RIG and Neutrino exploit kits in their attempt to infect vulnerable surfing computers with malware.

I can't help but feel a little bit sorry for MSN. It didn't put the advert on its site, it simply displayed an ad provided by a third party advertising network (AdSpirit). But this isn't the first time that MSN has served up malicious ads.

If AdSpirit hasn't found a way to ensure that any ads it delivers to clients like MSN are unpolluted, then maybe they should put their thinking caps on or get out of the advertising business.

And if MSN doesn't have contracts in place with hefty penalties for any advertising network which puts its website visitors at risk then clearly they need to think long and hard about that too.

But it's the users who I feel most sympathy for. They should be able to feel safe browsing a popular website like MSN, and not have to worry that malicious code might be surreptitiously trying to infect their PCs.

One thing I do know. If you had an ad blocker running on your web browser, you probably would never have had the malicious ad rendered in your browser, and that would mean that your computer wouldn't have been at risk of infection.

Frankly, I tell everyone I know to run an ad blocker. I realise its sucks for websites that try to generate revenue for advertising, but my sympathy disappears when there's such a big problem of poisoned adverts.

Tags: , , ,

Subscribe to the free GCHQ newsletter

, , ,

Special offers & deals


  • PureVPN - 85% off!

    PureVPN - 85% off!

    Make sure your personal data and online activity aren't exposed. Encrypt your internet traffic and cover your tracks with PureVPN. Works with your PCs, Macs, iPhones, Androids, routers, gaming consoles, and Smart TVs. Connect up to 5 devices at once at top speeds.
  • Password Boss Premium Version - 86% off!

    Password Boss Premium Version - 86% off!

    All you need to do is remember one master password, and Password Boss will do the rest - remembering all of your different online passwords securely. Security and peace of mind.

More deals...

Leave a reply

6 Comments on "MSN home page spreads malware via malicious ad"

Notify of
avatar

Sort by:   newest | oldest | most voted
Ants
Visitor
Ants
January 20, 2016 4:46 pm

Rolled out Adblock Plus to the company 2 weeks ago.

coyote
Member
Regular
coyote
January 20, 2016 10:27 pm

Big surprise.

Actually the only thing that comes close to a surprise (but more like baffling) is why these organisations haven't gotten a clue yet; worse is they only care about a profit – and even whine (and try to find a workaround for the users workarounds) about the workarounds for their own blunders. That is why I don't feel any sympathy to their cause; if they don't respect the website viewers they don't deserve the profit from adverts being displayed on their website (I'd go so far as to say any organisation that doesn't respect their customers/users don't deserve anything at all except perhaps contempt and a bad reputation). Sure it isn't their fault in one sense (they didn't choose this advert) but it is in another sense and I'm afraid that is the sense that matters. This is besides the obnoxious ads that have sound, pop-up, and I don't know what else (because I go beyond blocking ads and block scripts). You can't reasonably say that the users should go elsewhere because of iframes and the cross-site scripts etc. make it rather impossible to simply avoid the offenders.

They bring it on to themselves and until they figure this out and solve the problem, this will happen. By which time the users won't trust (wise decision) the claims they are now fixed, so even if the problem could be permanently eradicated I imagine many would still have ads blocked (never mind sexual [i.e. porn], potentially unethical or illegal websites that have these problems). I know I would still block scripts and ads.

Simon
Visitor
Simon
January 21, 2016 10:37 am

I don't know what's more illicit, malvertising to those who still use MSN…

Jokes aside, agreements should be mandated for liabilities and the ad-provider held accountable for supplying inappropriate content.

It's damaging to your brand, reputation while the vendor and crims profits.

David L
Visitor
David L
January 21, 2016 1:04 pm

The former CEO of Firefox, has just developed a new browser,version 0.7, up at GitHub, named Brave. It is based on Chromium,and has ad blocking built-in as default operation. It has a little ways to go before it's complete,as no bookmarks,or history yet.

Now,as for Android, there are now several options for ad blocking browsers. Firefox has the most options because it's the only one with add-ons or blocking extensions. However, Ghostery and Adblock Plus have standalone browsers now in playstore. There are other offerings, but it is a growing trend.

Also, Adblock Plus was "blocked" from attending an ad industry conference recently. Go figure. Guess the industry is not interested in playing nice,and has some new secret weapons they will likely be discussing.

Michael W
Visitor
Michael W
January 21, 2016 5:30 pm

Good advice, except that lately I have been coming across sites that tell you that you MUST disable the ad blocker or else you cannot see the page contents. Of course, we all have the right to simply decline and move on and feel that the page is the poorer for us not being able to visit/read. But if I really want to see the content then I am held hostage and have to disable my ad blocker at least temporarily.

drsolly
Visitor
drsolly
January 22, 2016 12:12 am

I had that with a site I used to visit. I declined, moved on, and also sent their management an email explaining exactly why I block ads.

wpDiscuz