Hackers take advantage of anti-ad blocking services to instigate malware attack

Mumbai: Several websites that were using a free analytics service unintentionally exposed their site’s visitors to a malicious malware attack as the anti-ad blocking company incharge of providing the analytics was attacked by hackers.

The anti-ad blocking company PageFair was attacked by hackers in the last few minutes of Haloween when they sent a spear phising email that ultimately gave the attackers access to PageFair’s content distribution network account.

The hackers reset PageFair’s Javascript code, which they usually use on subscriber websites, and the password was subsequently reset.

As a result, people who visited over 500 unnamed sites in the following 90 minutes received malicious pop up windows asking them to upgrade their version of Adobe Flash player, and recommending them to install malwares disguised as official update.

PageFair’s CEO Sean Blanchfield in a blog post published on Sunday said: "For 83 minutes last night, the PageFair analytics service was compromised by hackers, who succeeded in getting malicious javascript to execute on websites via our service, which prompted some visitors to these websites to download an executable file. I am very sorry that this occurred and would like to assure you that it is no longer happening.

According to a security provider F-secure, the malware served from the fake adobe flash player link was originally a remote access tool called the Nanocore that logs passwords, takes webcam snapshots, and regularly updates information on a server controlled by hackers to upload private data.

However, the attack was soon detected by several anti-virus packages including F-secure, which lowered the intensity of the attack.

Pagefair’s CEO estimated that only 2.3 per cent of people visiting one of those 500 websites might have been infected. However, this attack is an appropriate example to show that visiting known sites can also expose them to malwares.

Download the all new Deccan Chronicle app for Android and iOS to stay up-to-date with latest headlines and news stories in politics, entertainment, sports, technology, business and much more from India and around the world.