Anti-Ad Blocker Gets Hacked: Users Vulnerable to Malware after PageFair Hack
This means that online users visiting affected sites from a Windows computer between 11:52 P.M. and 1:15 A.M. GMT last Saturday were likely exposed to risk, but would only be affected if they clicked on a link masquerading as an Adobe Flash update.
On Sunday, November 1, CEO Sean Blanchfield addressed the incident with a blog entry accounting how the hack took place and the measures that were undertaken to mitigate damage caused by the breach. He wrote, “The attack was sophisticated and specifically targeted against PageFair, but it is unacceptable that the hackers could gain access to any of our systems. We identified the breach immediately, but it still took over 80 minutes to fully shut it down. During this time, visitors to websites owned by the publishers who have placed their trust in us were targeted by these hackers.”
Blanchfield added that only a fraction of the 3,000 publishers operating with PageFair were attacked, and that most of the publishers affected during the 83-minute period are small—60% of which has less than one million page views on a monthly basis, and 90% with page views barely reaching ten million page views per month. However, PageFair highlighted that every publisher, big or small, are of utmost value to them and vowed to take steps to prevent incidents like this from happening again.
Publishers go to PageFair to effectively measure the cost of ad-blocking and to display alternative, non-intrusive advertising to ad blockers because they “personally experienced the damage ad blocking can do to a website.”
In our 2016 Security Predictions, Trend Micro experts believe that ad-blocking will lead to the reformation of the advertising business model, which would propel advertisers to seek new ways to get their advertisements out. It is apparent that the growing aversion of online users to unwanted ads is fueling the popularity of ad blockers, where users are no longer just “annoyed” by ads but are fully aware of the risks they pose. The firm, however, believes that the rising popularity of ad-blocking services is leading to the death of quality free websites. It supports its claims by saying, “At PageFair, we want to help create a more sustainable advertising ecosystem, one in which publishers can focus on loyalty and engagement instead of traffic and clicks, and make money without depleting their audience's goodwill.”
A number of media experts have said that it was only a matter of time before an attack like this would take place. The nature of services that the company provides makes them a viable target to those who are on the opposite side of the spectrum, believing that they have every right to block ads and “not be tracked online”.
In its latest update last November 2, PageFair shared an estimate that only 2.3% of visitors to the affected publishers would have been hit by the infection.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Ransomware Spotlight: Trigona
- Steering Clear of Security Blind Spots: What SOCs Need to Know
- Understanding the Kubernetes Security Triad: Image Scanning, Admission Controllers, and Runtime Security
- Preempting Threats to Connected Cars: The Importance of Cybersecurity in a Data-Driven Automotive Ecosystem
- Your Stolen Data for Sale