View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

CryptoWall ransomware is ‘leveraging’ advert networks

Blue Coat says it has uncovered another malvertising campaign.

By Jimmy Nicholls

Yahoo’s advert network is being hijacked to serve users with CryptoWall ransomware, according to security firm Blue Coat.

Malverts, or malicious adverts, are said to be appearing alongside legitimate marketing, and are programmed to download malware to a user’s computer.

Chris Larsen, threat researcher at Blue Coat, said: "What looked like a minor malvertising attack quickly became more significant as the cyber criminals were successfully able to gain the trust of the major ad networks like ads.yahoo.com.

"The interconnected nature of ad servers and the ease with which would-be attackers can build trust to deliver malicious ads points to a broken security model that leaves users exposed to the types of ransomware and other malware that can steal personal, financial and credential information."

CryptoWall, a type of ransomware, encrypts users’ files before offering to unlock the data in exchange for a fee, much like CryptoLocker.

Several referral websites located in India, Burma, Indonesia and France were connected to the malware , according to Blue Coat, as well as a number of other "suspicious" ad servers.

Yahoo has been contacted for comment.

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU