Over the last few days, cyber-criminals have been hard at work, running malicious ads on realtor.com, according to security company, Malwarebytes Labs, the same attackers behind other high-profile malvertising attacks on eBay and others. They say this could have exposed users to ransomware which typically locks your device and requires payment to unlock it and give you back your data.
The security firm says that people using the site in recent days “may have been exposed to this malvertising campaign and consequently infected if their computers were not patched or did not have adequate security software.”
Further, they noted, “Like all other malvertising attacks, this one did not require to click on the bogus ad to get infected.”
Malwarebytes says their customers were already protected against the attack which attempted to distribute the Bedep Trojan (ad fraud, ransomware) via the Angler exploit kit, and we would add that if you have protection on your device, you may not have been impacted (and if you don’t have anti-virus and malware protection, this is a great reminder to go do that right now).
Here is how the company says it works:
Was your device impacted by visiting realtor.com?
The ad network, AdSprit says they have taken down the malicious ads, but if you used the site in recent days, Malwarebytes says your device may be infected.
“Rogue advertisers are putting a lot of efforts into making ad banners that look legitimate and actually promote real products or services,” Malwarebytes notes, ading that “the use of SSL to encrypt web traffic is getting more and more common in the fraudulent ad business and that only makes tracking bad actors more difficult.”
Realtor.com is not alone – many companies have been victim to this problem even the most guarded and forward-thinking, which is why it is important to protect your devices.
In a statement to The Real Daily, realtor.com says, “We have resolved this issue, and continue to use industry best practices to deliver a safe and reliable experience for our users.”