RIG 3.0: Ερευνητές ανακάλυψαν ένα νέο και βελτιωμένο exploit kit που χρησιμοποιούν οι hackers για να σερβίρουν μολυσμένες διαφημίσεις.
Οι hackers φέρεται να αγοράζουν διαφημίσεις σε real-time πλατφόρμες και τις ενσωματώνουν με το RIG 3.0, μια υπηρεσία που μπορεί να καθορίσει αν ο υπολογιστής ενός ατόμου είναι ευάλωτος. Στη συνέχεια, σερβίρουν το trojan αφού διαπιστώσουν ότι θα λειτουργήσει στο σύστημα που θα “προσγειωθεί.” Αυτοί που έχουν ευάλωτους υπολογιστές δεν χρειάζεται να κάνουν click to the malicious ad to receive the trojan, which means too many are infected without even knowing it.
The most scary thing is that these malicious ads can appear anywhere. such as your favorite sites and media.
Over a period of six weeks, the company security Trustwave discovered that RIG 3.0 had served malicious ads to 3,5 millions of people, of whom 1,5 millions were infected.
Η attack has now spread globally, although the most affected countries seem to be Brazil and Vietnam. So far in the US, they have nearly 46.000 people, and as Trustwave reports the number is expected to grow.
The RIG service has existed before, as understood by 3.0. But this version is much better than the older ones. For example, RIG 3.0 encrypts trojans in a way that makes it more difficult to detect protection software.
Trustwave reports that although this type of attack is productive, there are ways to stop it. Here are three proposals for uninhabited accommodation:
- Update your computer software, including Flash, Java and Silverlight. This is double for your browser and related plugins. Also, keep Microsoft Office up to date. It would be good if you have not already enabled them to enable automatic updates on your computer.
- Make sure that click-to-play is enabled in your browser. With click-to-play enabled, infected ads will not be able to automatically download malware to your computer. You should click on them.
- Install a trusted anti-malware.