Adblock can be good for you

Many people use adblock (Including me) and I noticed that a lot of businesses are stating that adblockers are bad and people should not use them.

Don’t listen to it. Adblockers provide an important role in security for blocking compromised adverts, malvertising, clickjacking and malicious web resources, which will infect users with all sorts of malware. Anything from Ransomware to spyware can infect the user.

What is malvertising?

Malvertising is the use of 3rd party advertisements to infect users with malware. Often these malicious adverts contain scripts that redirect the user through a series of exploits that infect the user with malware. The most common type of malware used as a payload of exploits is ransomware.

What is clickjacking?

Clickjacking is the use of adverts to hide a malicious webpage on top of something that the user can interact with on the parent page. For example, websites offering downloads sometimes have ads which cover the download button, so the user clicks on the malicious webpage, however they actually meant to click on the real download button. As a result of the clickjacking attack, the user is now infected with malware.

I understand that you need income

Of course, everyone needs some sort of income to stay alive and keep doing what they do, but companies and businesses should not blame people that use adblock for their loss of income. Instead, they should blame the people that host malicious advertisements, as research has shown that malicious adverts are on the rise, meaning that the rise in adblock could actually be caused by the rise in malvertising.

What kind of exploits are being used?

Malwarebytes has discovered the use of both the Neutrino exploit kit and the RIG exploit kit in malicious adverts. These exploits were infecting the user with CryptoWall ransomware. You can learn about a recent example of malvertising and the exploit kits named above here.

Summary

Just to be clear. I am not against the use of adverts to gain income. I am against the use of malicious advertisements. (In other words I just don’t want to be infected with malware)

I would recommend Malwarebytes Anti-Exploit to protect against exploits in vulnerable applications!

Advertisements

What are state-sponsored attacks?

If you are wondering why I am re-writing this blog post, it is because the old version was terrible and didn’t explain it very good.

State-sponsored attacks / incidents are where government organizations target and attack certain companies such as Google or Facebook and try to steal personal information. This information often contains things which identify and expose members of the public. The state-sponsored actors often find and use vulnerabilities in services to steal this information, which is referred to by some as ‘hacking’ or ‘exploiting’ those services.

What personal information is collected / stolen?

Many things are stolen such as names, gender, phone number, date of birth, home address and many more. The government organisations use this information to identify and locate activists or people who are wanted by the police. However, recently there has been a number of attacks where information was stolen belonging to random members of the public.

What government is doing it the most?

There has been many debates about this, but by far the most notorious countries known for these attacks are Russia, United States, United Kingdom and China. China was somewhat expected to be in this list * as the Chinese government already do some suspicious things with their internet communications.

What vulnerabilities do they use?

Many vulnerabilities are being exploited such as MITM, XSS, SQL Injection or even Cross Site Request Forgery. Some attackers even use one vulnerability to find another.

Summary

Many large companies are warning people if they are believed to be a target of a state-sponsored attack, such as Google, Yahoo, Facebook and Twitter. This means that if you are targeted, you can protect your identity and personal information by removing them from these services, before the governments actually obtain this information.

 * – This is my opinion and I was not trying to be stereotypical or ‘racist’.