Skip to content

Another Reason Not to Click on Ads

A recently discovered threat, dubbed “Stegano” by anti-virus provider Eset, has potentially compromised millions of computers via malicious advertisements.  Essentially, malicious code is embedded into advertisement banners in the image’s alpha channel and is virtually undetectable to the naked eye. The malicious code redirects the browser to a site that hosts three exploits for known Adobe Flash vulnerabilities (now patched in newer versions of Flash).

When infected advertisements are clicked, the infected ads load a modified version of Countly, an open-source package for measuring website traffic. Javascript in the modified Countly script then extracts the hidden code from the image’s alpha channel and executes it. Because the JavaScript itself is not malicious, ad networks failed to detect the threat. As a result infected ads made it to several mainstream, reputable websites.

But don’t panic; there are a couple simple steps you can take to protect yourself. First, patch your Adobe Flash by installing the latest version from Adobe’s website. Second, install a browser plugin that blocks website advertisements – AdBlock Plus is great for this. Finally, if you suspect you may have been exposed to this threat, make sure your anti-virus software is up to date and run a virus scan. Should you need assistance, we are here to help!