Aol updating definition files
A large number of popular websites are serving users malicious advertising which attempts to infect them with ransomware.The websites themselves are not serving malicious advertising, referred to as malvertising, instead several high profile advertising networks affiliated with the sites are the source.Upon successful exploitation, Angler infects the poor victim.” Another notable aspect of this malvertising campaign is that the perpetrators scooped up recently abandoned domain names from media companies to look like legitimate customers to online advertising networks.According to Trend Micro, “This campaign is targeting users in the United States and may have affected tens of thousands of users in the last 24 hours alone.” They also report that the Angler Exploit Kit is expanding its capabilities to target the Edge web browser on Windows 10.In this case, the exploit kit is also targeting a recently patched vulnerability in Microsoft Silverlight, a plug-in for web browsers.As reported by Trustwave's Spider Labs blog, one of the malicious files being served by affected advertising networks contains a list of security programs and tools: “If the code doesn't find any of these programs, it continues with the flow and appends an iframe to the body of the html that leads to Angler EK landing page.
The websites affected include MSN.com, NYTimes.com, BBC.com, AOL.com, NFL.com, and The Weather among others.
Combined these sites receive over 2 billion visits a month.
Users who want to protect themselves from such campaigns need to keep their software up to date, especially their operating system and web browser, uninstall superfluous browser plug-ins like Flash, use an ad-blocker, and install an up-to-date antivirus program.
(simply known as AOL, originally known as America Online, stylized as Aol.) is an American multinational mass media corporation based in New York, a subsidiary of Verizon Communications.
Such vulnerabilities are typically the result of outdated versions or unpatched vulnerabilities in popular programs such as Adobe Flash.
If the user’s computer contains one or more of these vulnerabilities, the exploit kit selects the most effective malware and installs it on the user’s computer.