Malware in Flash ads

Discussion in 'other security issues & news' started by vincenzo, May 18, 2015.

  1. vincenzo

    vincenzo Registered Member

    Joined:
    Nov 28, 2005
    Posts:
    151
    I've been reading some articles from last month on exploits delivered via Flash advertisements:

    http://arstechnica.com/security/201...ffpo-other-sites-downloaded-extortionware/#p3

    https://blog.malwarebytes.org/malvertising-2/2015/04/flash-ek-strikes-again-via-googles-doubleclick/

    I am looking for an application that will help to protect from this for some users who are not tech savvy. I know I can block with NoScript and other Click-to-play options, but those require extra attention that would not fly with these users.

    I've read that MalwareBytes Anti Exploit may be good for this purpose. Any thoughts on that, or other suggestions?

    Thanks
     
  2. PallMall

    PallMall Guest

    Using your HOST file with correct filters will stop all doubleclick trash and many many more.
     
  3. vincenzo

    vincenzo Registered Member

    Joined:
    Nov 28, 2005
    Posts:
    151
    OK thanks for the info. But that would require regular updating of the HOSTS file to maintain protection against newly discovered threats, would it not? I don't want to be checking back regularly on these people's computers, I was hoping to find a solution that would update itself. Does anyone here use MBAE for this purpose?

    Thanks
     
  4. TS4H

    TS4H Registered Member

    Joined:
    Nov 5, 2013
    Posts:
    512
    Location:
    Australia
    For the "not very tech savvy" there are adblockers for browsers that are very powerful and will protect against most popups, malware, scripts that may potentially infect. Extensions such as ublock/adblock plus will protect very well as most flash ads can be blocked via filters. Such Filters include Malware domains lists, Fanboys annoyances, Easylist, Easyprivacy and so forth, the extesnions are very user friendly. Almost set and forget.

    Solutions like EMET MBAE HMPA will protect against exploits, such that it will protect you if an exploit was to infect your browser, but this is rather reactive as opposed to proactive like ublock/adbock is. The good thing about having both is that if malware happens to bypass adblock/ublock filters, then it needs to break through other layers before it can infect your PC, in which case EMET MBAE HMPA may help you if it does.

    Using Ublock/adblock is definitely the first line of defense, and will protect you from the chance that you run into one.
     
  5. PallMall

    PallMall Guest

    Regarding the HOSTS file you may be interested in an application such as HostsMan which is an application delivered with default lists and has the option of updating them automatically. The user can add/remove lists of his choice but the default ones provided will handle the main intruders, doubleclick included of course.
    The idea is to prevent. HOSTS is excellent in doing so except of course when using a proxy/VPN.
     
  6. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,057
    I agree with TS4H - adblocker with subscriptions that are automatically updated is best solution for less savvy users. OTOH HOSTS file protects other applications also. But if your users use only one browser, installing adblocker for that browser would prevent most of this kind of infections.
     
  7. vincenzo

    vincenzo Registered Member

    Joined:
    Nov 28, 2005
    Posts:
    151
    OK thanks to all. I am looking into these options now.
     
Loading...