Attack of the Malicious ads

If you see this DON’T RUN OR SAVE IT!

We have been getting a number of complaints lately about malicious ads being served by the wordpress.com premium hosting service we are connected with.  Most of the emails say WUWT is the only place they are getting them, which makes me suspect they may be a targeted attempt to discourage viewing content here. But it’s also possible it’s just part of a larger problem. While the complaint emails let us know this is happening, they are generally not useful to us in helping wordpress.com track down the culprits and boot them because they don’t have enough key information.

First, I have no control over these. I don’t manage ads. WordPress.com aka Automattic does. Here is some background on why there seems to have been an explosion of them lately.

Now, researchers have uncovered one of the forces driving that spike—a consortium of 28 fake ad agencies. The consortium displayed an estimated 1 billion ad impressions last year that pushed malicious antivirus software, tech support scams, and other fraudulent schemes. By carefully developing relationships with legitimate ad platforms, the ads reached 62 percent of the Internet’s ad-monetized websites on a weekly basis, researchers from security firm Confiant reported in a report published Tuesday. (Confiant has dubbed the consortium “Zirconium.”) The ads were delivered on so-called “forced redirects,” in which a site displaying editorial content or an ad suddenly opened a new page on a different domain.

As you can see, it’s a big problem. Nefarious scumbags are everywhere.

Second, just emailing us “I keep getting these ads” isn’t really useful, we need more information

If you are getting these ads we need the following:

  1. What was the name of the ad? What kind of content?
  2. If possible,click on the link within the ad that says “report this ad”
  3. Please let us know what operating system and device type you are using. Mobile, Mac, or PC?

Feel free to use the contact page to make a report to us. Thanks, and I’m sorry for the trouble.


Comments are disabled on this post on purpose.

Best defense if you think you are infected (or want to prevent it) is the free Malwarebytes program for all popular platforms.

Advertisements