Cybersecurity News in Asia

Features
- Featured
  
  Bridging the data science talent gap for national cyber defenses: Urgent action needed
  
  Monday, April 29, 2024, 10:16 AM Asia/Singapore | Features
- Featured
  
  AI adoption in India: A balancing act worth chatting about
  
  Thursday, April 25, 2024, 2:53 PM Asia/Singapore | Features, Newsletter
- Featured
  
  AI vulnerability testing: Knowing the In’s and Out’s of proper red teaming
  
  Monday, April 22, 2024, 4:40 PM Asia/Singapore | Case Study, Features
News
- Featured
  
  Understanding the “multiplier effect” of digital fraud in the region
  
  Thursday, May 2, 2024, 2:05 PM Asia/Singapore | News, Newsletter
- Featured
  
  The LockBit group may have been busted, but its code lives on
  
  Tuesday, April 30, 2024, 11:34 AM Asia/Singapore | News, Newsletter
- Featured
  
  Were cyberattackers evading detection less efficiently in 2023?
  
  Friday, April 26, 2024, 1:42 PM Asia/Singapore | News, Newsletter
Opinions
Tips
Whitepapers
Awards 2024
Directory
E-Learning

News

This malware gives ad blockers a bad name

By CybersecAsia editors and webmaster webmaster | Monday, November 1, 2021, 9:20 PM Asia/Singapore

Instead of blocking ads in browsers, the extension pumps even more junk onscreen to steal ad revenue from legitimate advertisers.

Annoyed and distracted by the incessant ads in Chrome and Opera browsers? Just download a free ad blocker extension and you may get some relief.

Except in a recent case, a free browser extension called AllBlock turned out to give ad haters even more headaches.

Cybercriminals often advertise ‘free’ apps and plugins that look legitimate. This baits more people to download software into their machine. In the recent campaign discovered by Imperva Research Labs, AllBlock was advertised as an ad blocker extension available on both Chrome and Opera browsers.

According to Reinhart Hansen, Chief Technology Officer (Asia Pacific and Japan), Imperva: “Once downloaded, AllBlock uses its elevated installation privileges at the browser level to inject Javascript into the user’s application experience. This directs the consumer’s browser to load specific ad content pop-ups and side-bar ads where the hacker is paid per click. It’s a very underhanded and cunning way for the hacker to secure advertising revenue because the user is forced to click on the ad to make it disappear from their screen.”

The campaign targeted users of some of the largest websites, stealing clicks and advertising revenue. The originators of the attack have not been discovered, but researchers believe there is a larger campaign taking place that may utilize different delivery methods and more extensions.

Through such ad injection campaigns, cybercriminals steal advertising revenue from publishers and websites and create a terrible experience for the user—displaying annoying ads and degrading site performance—which can result in customer loss.

Worse, this particular ad injection campaign is hard to detect because the malware contains code to monitor when debugging tools are being used. It then hides its malicious activities.

The only way protection is use client-side protection that prevents unauthorized JavaScript from being able to execute.

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Securing Industry 4.0
The world is advancing to Industry 4.0 in full swing, and this is a key …Download Whitepaper
Secure Access Service Edge (SASE) Solutions for Today’s Work-From-Anywhere (WFA) Environment
Organizations are turning to Secure Access Service Edge (SASE) solutions for securing remote work environments, …Download Whitepaper
Identity Has Breached the Ecosystem
This whitepaper explores the dual nature of identity in cybersecurity, emphasizing its role in both …Download Whitepaper
Fortanix Buyers Guide for Modern Key Management and Data Security
This document underscores the pressing challenges in key management and data securityDownload Whitepaper

Middle-sidebar-banner

Case Studies

How medical devices manufacturer Tuttnauer protects patient and personal-data safety
In running a cloud-based portal to link its smart medical equipment, the firm has also …Read more
AI vulnerability testing: Knowing the In’s and Out’s of proper red teaming
To test the safety/security of a generative AI feature, what unchartered bugs and human testing …Read more
Real estate logistics provider GLP steps up to zero trust architecture
With its physical and digital footprint growing, the global firm’s outdated legacy security stack has …Read more
Identity security woes now a thing of the past for Heng Leong Hang
The retail chain was grappling with numerous cyber risks in its IT infrastructure until it …Read more

Cybersecurity News in Asia

Featured

Bridging the data science talent gap for national cyber defenses: Urgent action needed

Featured

AI adoption in India: A balancing act worth chatting about

Featured

AI vulnerability testing: Knowing the In’s and Out’s of proper red teaming

Featured

Understanding the “multiplier effect” of digital fraud in the region

Featured

The LockBit group may have been busted, but its code lives on

Featured

Were cyberattackers evading detection less efficiently in 2023?

This malware gives ad blockers a bad name

Related Posts

Leave a reply Cancel reply

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Middle-sidebar-banner

Case Studies

Bottom sidebar