Malverts have been a major topic recently. With Spotify getting hit from Malverts, and a report from Sophos (Sophos Article) that Facebook had some Malverts. Malverts have been spreading all over major ad supported websites. If you don't know what a Malvert is: A malvert is a malicious advertisement that leads to exploit code to infect machines with un-patched software.
Most of the time these attacks target popular applications such as Adobe Reader, Adobe Flash, Internet Explorer, Firefox, Java. These programs are on machines everywhere and many users ignore the "Please Update your program now" alerts.
These type of attacks come from many different sites. A friend I know got infected by a TDSS rootkit just be visiting a very small blog they got from an email news letter. They went to the site and as soon as it started to load Java started up and loaded up the rootkit/fakeav onto the machine without them even clicking anything. These attacks can come from a super popular site which many visit or a small unknown site that just got an infected ad by some random chance.
Now for some prevention steps, now they may seem simple but they will keep your deeply lower the chances you have of getting hit by a Malvert.
1. Keep all your products updated. Take some time each week (or each month) to make sure all your products are updated and have all the patches installed. It may seem like it will take much time but would you rather lose your personal data or take some time for preventing it from happening. Always remember those update alerts are there for a reason, to keep you safe from exploits.
2. Keep your security products up to date. This seems like simple advice but many either ignore the fact their av is not updated. Or decide its not worth it to subscribe to their av for another years worth of protection. Your security software is your line of defense, you take the time to replace your home locks when they break so you also must tune your pc like you do your house.
3. Use a secure dns service as an extra layer of protection. Blocking malware urls from the source will prevent the malverts from even having a chance at loading. ClearCloud from GFI/Sunbelt is a very good DNS service to protect the machine.
4. Use an Adblocker. If you use Firefox (which I recommend) I suggest adding Adblock Plus to help prevent ads loading. Without ads you can't have malverts/
No comments:
Post a Comment