Game of Thrones fans may have been infected by ransomware while watching the season six premier last weekend. Malvertisers served the dangerous malware through Magnitude exploit kit after they bought advertising space on the infamous Bittorrent website targeting users with pop-under ads, the Register reports. Here to comment on this news is Mark James, Security Specialist at ESET.
Mark James, Security Specialist at ESET:
Do you have any insight/details of this malvertising campaign?
“It’s hard for the average user to comprehend how malvertising works. Most users associate being infected by going to a dodgy website and downloading a dodgy file, or browsing a website and choosing to download a file that is bad. However, when presented with a scenario that’s capable of infecting them without any visible interaction on their behalf, the end user is often baffled by “how it happened”. Just by visiting these infected sites the malware is able to infect your machine with NO interaction from you whatsoever, and you may not even be aware until the malware starts to do its ugly task; in this case infecting you with ransomware, thus rendering your private and often very personal files useless.”
What are the criteria a victim’s system would have to meet to be compromised?
“Often in these cases the malware will use mostly known and patched exploits but may also include zero days (exploits that have not yet been patched by the creator or author). In the former case simply keeping your applications and operating system patched and updated to the latest versions would in most cases keep you safe. However, of course the latter could still get you into trouble if you’re not using some kind of add-on or extension to block these potentially harmful scripts. In most cases taking a few simple and free steps to protect yourself will stop these attacks from being successful. Sadly we still underestimate the importance of running a good updating internet security product along with regularly updating our applications we use each and every day. Ensuring your operating system is as new as possible and all updates installed will give you a good solid defence that will combat most of the threats we see each and every day.”
Have we seen similar campaigns in the past?
“Sadly whenever we see news that hits the headlines you will always find someone looking to exploit it. It might be a risqué video or picture of a famous celebrity waiting for you to like or share some information before finding out it’s a scam or malware. Malware writers are often intelligent beings, it’s no different to the pick pockets in days of old hustling and bustling people in the town square waiting for an opportunity. Nowadays the pick pockets are malware and the town square is our digital universe, Same Stuff – Different Day.”