CryptoWall Ransomware Uses Prominent Websites to Deploy Malvertising Campaign

Posted: September 30, 2014

The Internet is a vast place, one that can be compared to the mass that exists in the universe. Within the vast, wide-open realm of the Internet lie popular websites that occasionally bear the brunt of some type of hacker threat or become the initiator of spreading malware onto computers.

In the latest pandemic discovered by security researchers at Barracuda Labs, a malvertising campaign has been spotted on five prominent websites, spreading the malicious CryptoWall Ransomware threat. The sites where the malicious ads were running are hindustantimes[dot]com, bollywoodhungama[dot]com, one[dot]co[dot]il, codingforums[dot]com, and mawdoo3[dot]com.

The advertising network found to have had malicious advertisements inserted is the Zedo ad network. The practice of inserting malicious ads is a rather old technique that hackers have utilized many times to spread malware or lead computer users to sites that serve as a place to gain money by clicks on ads or ad impressions.

Computer security researchers have commonly found malicious ads on many advertising networks. What allows the malicious ads to temporarily bypass detection is the digital certificate, which in this case was considered a valid one from DigiCert. All in all, this makes it difficult to detect malware on an affected system, as is the case with the CryptoWall Ransomware threat.

Figure 1. CryptoWall Ransomware Worldwide Distribution Graph - Source: Dell/SecureWorks

CryptoWall has been considered one of the greats in the spectrum of ransomware threats, as it can encrypt files on a computer and then ask that a fee be paid for decryption of those same files. The CryptoWall ransomware has been a major nuisance among computer users around the world for many months, as demonstrated in Figure 1 above. Usually, the only method of removal is the use of a reliable antimalware application. Additionally, many computer users have resorted to recovering their system completely through a backup-recovery process – CryptoWall Ransomware is just that bad.

Now that we know how easily hackers can spread threats like CryptoWall by using an ad network that displays advertisements on trusted and popular websites, it is clear that the pandemic of such threats is in full force. Avoiding infection by a threat spread this way is difficult, as in this case of advertisements leading to the installation of malware. It is in a computer user's best interest to always keep their software updated and run the latest version of an antivirus or antimalware application.
