informa
Quick Hits

Malvertising Gets Boost From Malicious Browser Plug-ins

Cisco discovers malicious browser add-ons that serve up unwanted and sometimes infected ads.

Cisco's Talos Group has discovered malicious browser plug-ins that inject unwanted or infected ads onto certain pages an unfortunate user visits.

The attackers can thus deliver malware (via infected ads), collect user behavior data, or just get a nibble of the $200 billion online advertising market.

The browser add-ons also fingerprint the user's system, and display ads customized for different operating systems -- a PC repair ad for Windows and a gaming ad for Linux, for example. Plus, the installer circumvents Google Chrome's policy of distrusting third-party plug-ins, by manually whitelisting them.

For more details, see the Cisco threat report blog.

 

Recommended Reading: