Cryptocurrency-mining malware spotted on more than 4200 sites including UK, US, and Australian government sites

Security researcher Scott Helme has spotted a third-party exploit that injects a script that mines cryptocurrency on over 4,200 sites, from the UK NHS to the US Courts' official site to the sites of other esteemed security researchers. Read the rest

Equifax is serving malware to visitors

On Wednesday, security researcher Randy Abrams visited the Equifax site to contest bad information in his credit report and was attacked by malicious software that tried to get him to download a fake Flash updater that was a vector for an obscure piece of malware called Adware.Eorezo. Read the rest

Malware delivered by bad ads takes over your home router to serve more bad ads (for now)

Proofpoint has identified a new version of DNSChanger EK, a strain of malware that changes your DNS settings so that the ads on the websites you browse are replaced with other ads that benefit the attackers -- and which can also be used for more nefarious ends, because controlling your DNS means controlling things like where your computer gets software updates. Read the rest

For two years, criminals stole sensitive information using malware hidden in individual pixels of ad banners

Eset's report on Stegano, a newly discovered exploit kit, reveals an insanely clever, paranoid, and devastatingly effective technique used by criminals to infect their victims' computers by hiding malicious code in plain sight on websites that accepted their innocuous-seeming banner ads. Read the rest

Martin Shkreli offers a bailout to ailing 4chan

Meme factory/Anonymous birthplace/alt-right breeding ground 4chan is facing challenges similar to those plaguing all ad-supported sites, but as with all things channish, 4chan's problems have their own unique and grotesque wrinkles. Read the rest

Hacker puppets explain why malware and popups are still a thing online

Gus the hacker puppeteer (previously) writes, "Most of us have a relative whose computer or phone is still a snake's nest of pop-ups and malware. The 'YOUR COMPUTER HAS A VIRUS, CLICK TO SCAN' attack is still a thing, 2016 though it may be. And there are enough people asking 'why do ads pop up (on my iPhone, computer, etc)' for that question to register on Google search autocomplete." Read the rest

The Economist's anti-ad-blocking tool was hacked and infected readers' computers

Pagefair is an ad-blocking circumvention tool that publishers can use to track readers who've taken technological countermeasures to protect their privacy. The company has sold its service to many publishers -- including the Economist -- by deploying moral arguments about the evils of ad-blocking. Read the rest