A recently discovered threat, dubbed “Stegano” by anti-virus provider Eset, has potentially compromised millions of computers via malicious advertisements.
Essentially, malicious code is embedded into advertisement banners in the image’s alpha channel and it is virtually undetectable to the naked eye. The malicious code redirects the browser to a site that hosts three exploits for known Adobe Flash vulnerabilities (now patched in newer versions of Flash).
When infected advertisements are clicked, the infected ads load a modified version of Countly, an open source package for measuring website traffic. Javascript in the modified Countly script then extracts the hidden code from the image’s alpha channel and executes it. Because the JavaScript itself is not malicious, ad networks failed to detect the threat. As a result infected ads made it to several mainstream, reputable websites.
But do not panic; there are a couple simple steps you can take to protect yourself. First, patch your Adobe Flash by installing the latest version from the Adobe website. Second, install a browser plugin that blocks website advertisements – AdBlock Plus is great for this. Finally, if you suspect that you may have been exposed to this threat, make sure that your anti-virus software is up to date and run a virus scan. Should you need assistance, we are always here and happy to help!
Frankenstein Computers has been taking care of our happy clients since 1999. We specialize in NO CONTRACT IT Support, Cyber Security, IT Service, IT Security, Office 365, Cloud, VOIP, SPAM, Wireless, Network Design, MAC repair, PC Repair, Virus Removal, remote support, web design and much more! See what our clients have to say about us on Yelp!