News

‘NU.nl spread malware via infected advertising network’ – update 2

By admin
Spread the love

NU.nl, NuSport and Voetbalzone, among others, spread malware because an advertising network was infected. A security researcher from Fox-IT discovered this. NU.nl has now blocked the advertising network.

NU.nl, NuSport and Voetbalzone themselves were not responsible for the spread of the malware, emphasizes security researcher Yonathan Klijnsma of Fox-IT. “The fault is not with them, but with an advertising provider,” says Klijnsma. “It’s very difficult to determine exactly where it was. Something went wrong somewhere in the ad network.”

An hour and a half after the problem came to light, NU.nl blocked the responsible advertising network, after the site had previously temporarily disabled all advertisements as a precaution. According to NU.nl, only the desktop site was affected, and users of the apps were not at risk. The problem has also been solved at NuSport and Voetbalzone.

The attackers used a so-called exploit kit; who try to exploit holes in software to install malware. However, it is not clear exactly which malware was distributed, as well as the number of visitors who were confronted with malware. “But it will not be that bad in large companies, because the advertisements were distributed via a server on a high port. So, for example, those who only allow ports 80 and 443, for example, were not bothered by this,” says Klijnsma.

Ad networks are more commonly used to spread malware. For example, attackers buy advertisements that provide them with malware, or they crack an ad server. Because ad networks often load content from each other and ads are automatically resold, spreading malware is difficult to prevent.

In the past, NU.nl has spread malware more often. This happened, among other things, through cracked ad networks, but also by breaking into NU.nl itself. The same happened to NRC, De Telegraaf, Wehkamp and Marktplaats, among others.

Update, 17:36: NU.nl has turned off all advertisements as a precaution. That information has been added to the article.

Update, 18:04: NU.nl has solved the problem; the article has been updated.

You might also like
News

Android 14 beta brings support for a desktop mode

News

Good news for TSMC: its 3nm node will take flight in 2024 thanks to the push of these…

News

The most boring technology of the 21st century: Intel has only grown 5% since 2000

News

Google Password Manager can start sharing passwords with partners or children

News

PlayStation 5 beta update improves audio from DualSense controller

News

Rumor: Android 15 puts apps in ‘edge-to-edge’ mode by default