Malvertising is making the headlines once more, this time with popular websites Forbes.com and Realtor.com serving up malicious malware.
FireEye researchers have reported that eight Forbes URLs attached to news stories between 2012 and 2015 were included in the attack, whilst Malware bytes is reporting that people browsing Realtor.com website over the last few days may have been exposed to a malvertising campaign.
Both attacks are similar to previously reported attacks that hit sites including ebay.com last month, where visitors can become infected WITHOUT clicking on any bogus ads.
The attackers were able to get the ads onto websites though advertisers and real time bidding networks that both failed to check their security integrity, with visitors who encountered the ads bounced onto both the Neutrino and Angler exploit kits. The Angler exploit kit in particular has an exploit rate of about 40% of all visitors who encounter it.
Forbes has since reported that the malicious adware has been shut down.
Forbes.com is one of the most popular news sites in the world, whilst Realtor.com receives an estimated 28 million visits per month and is ranked third in its category online.
More IT security news at www.itsecurityguru.org
@IT_SecGuru