The Hollywood celebrity gossip website Perez Hilton has been hacked, serving CryptXXX ransomware. The famous website started redirecting visitors to the Angler Exploit Kit that has lately become one of the most popular cyber crime tools used by hackers to deploy ransomware.
The breach was recently revealed by the security researcher at Cyphort Labs – Nick Bilogorskiy. According to the expert, this was not the first time when the website was targeted by cyber criminals. Neverthelss, in this case, the malvertising campaign was redirecting over 500,000 of the website’s daily visitors to Angler’s leading page, which in turn dropped the Bedep malware that would then download and infect the user’s system with CryptXXX ransomware.
Meanwhile, Bilogorskiy, who identified the redirection domain – som.barkisdesign.com, is also believed to be involved in a separate malvertising campaign, which targeted, among others, CBS television stations as well as some GoDaddy accounts last month.
“Malvertising continues to be one of the preferred vectors for attackers to compromise users’ machines with malware,” stated Bilogorskiy. “Malvertising is effective because users tend to trust mainstream, high-trafficked “clean” websites. The attackers abuse this trust to infect them via third-party ad content.”
In addition, Bilogorskiy pointed out that users have taken to “fight back” with advertising blockers. Nevertheless, while ad blockers may protect users from potential malvertising attacks in some cases, the blowback has resulted in publishers losing an estimated $22bn last year.
Currently, the moderators of the popular tech discussion forum Reddit are considering banning publishers who force users to disable ad-blockers from their website, in order to protect their visitors from potential malvertising attacks. Such a ban would have a powerful impact on publishers who are dependent on discussion forums like Reddit to promote their content.