Earlier this month, if you have been following Curious, you may have seen my commentary about Apple finally finding itself in the crosshairs of malicious hackers. A group called Palo Alto Networks discovered, in the BitTorrent client Transmission, a devious device that calls itself KeRanger. KeRanger piggybacks on another application—in this case, Transmission—and then encrypts your files for three days before demanding a ransom. Once a payment (usually in Bitcoin) is made, you regain access to your files, but no guarantee is given that a solitary payment will be the end of your data being held hostage. Hackers can, at any time, reactivate the software and return for more money. It’s a long-term payout for some hackers.
This is the real threat of ransomware.
Ransomware can load onto your computer without your knowledge, sometimes through a download or an email attachment, and then works on encrypting your data once set loose on your computer. There is no way to confirm or deny whether your data is safe once the ransomware installs itself. The only way to gain access to your data is to pay into whatever financial accounts are provided in order to have your data decrypted. This is how ransomware works, and it is difficult to safeguard yourself from such malware. You can take precautions such as avoiding websites offering free media like books, movies, and music. (Pirate sites love attaching malware to “free” media.) You can also avoid emails with attachments from people you don’t know.
Hackers know that not all people are lax when it comes to security. This is why targets for malware delivery systems have been set high. Now, instead of obvious, questionable sites, malware is cropping up in names consumers know, recognize, and trust.
CNET reported that ransomware had been found in ads downloaded from the New York Times, BBC and AOL. Usually, good quality virus protection software updated on a regular basis will block ads of this nature, but recent cases from security sites such as Malwarebytes and Trend Micro cite a number of high-profile, high-traffic websites that have been delivering ransomware.
So how are trustworthy sites, especially ones that report on malware themselves, becoming carriers of malicious software? These ads usually appear on their websites via ad networks, and the third-party ad delivers the ransomware.
Wait a minute, you might think. Aren’t ad networks supposed to screen for this sort of thing? The answer is “Yes,” and Google is pretty good at it; but in March of this year, there was a spike of malicious activity across ad networks, and Google’s network along with AOL’s, AppNexus’, and Rubicon’s networks were affected. This has put all of the aforementioned on high alert. They are issuing assurances that they are on top of the matter, but this has exposed a real vulnerability that, rightfully so, has made ad networks nervous. Not only are pop-up ads and action items somewhat loathed across the Internet, but this kind of breach could also affect advertisers’ willingness to invest in online advertising.
Sadly, this trip-up will not help those publishers who dismiss adblocking sites and label them bad for business. “Just block the ads and you won’t have that problem at all” is the argument. Yes, perhaps ads do bring in more revenue; but you know what is worse for business than pop-up blockers? Malware. Terrible for business, I assure you.
A research physicist who has become an entrepreneur and educational leader, and an expert on competency-based education, critical thinking in the classroom, curriculum development, and education management, Dr. Richard Shurtz is the president and chief executive officer of Stratford University. He has published over 30 technical publications, holds 15 patents, and is host of the weekly radio show, Tech Talk. A noted expert on competency-based education, Dr. Shurtz has conducted numerous workshops and seminars for educators in Jamaica, Egypt, India, and China, and has established academic partnerships in China, India, Sri Lanka, Kurdistan, Malaysia, and Canada.