Huffington Post, Other Sites Hit by Malvertising via AOL Ad Network

8229504229_47a07ff41f[1]You may have a firewall, antivirus, and other security tools, but that won't necessarily protect you online.

The security experts at Cyphort reported on their blog yesterday that they are seeing a new wave of malicious advertising attacking visitors to several popular sites:

This Saturday, January 31, 2015 Cyphort Labs detected a malvertising campaign with infections on multiple websites, including the website of Huffington Post (a news aggregator and blog site with more than 51 million monthly visitors). This is a continuation of the attack we have previously reported in early January.

This weekend Cyphort crawler observed a 400% spike in the number of daily infections discovered.

The malvertisements were distributed by, an AOL-owned ad network, as well as two other companies, and Cyphort has already notified AOL that its ad network had become corrupted, and the ads have been removed, but Cyphort reported that they were unable to reach the other two companies.

For those just tuning in, malvertising is a term used to describe adverts which, when you click on them redirect you to a site which either tries to hack your computer tries to infect it with a virus.


In this case, victims were redirected through several domains before being dumped on a page hosting an exploit kit, an automated tool that scans for weaknesses in your computer security which hackers can exploit. This campaign uses the Sweet Orange exploit kit, Cyphort said,and if a vulverability was found then the Kovter Trojan executable was installed to take advantage.

The list of the websites infected in this campaign:


As I reported last October, malicious advertising is a persistent problem which is growing worse month by month.  Cyphort says that this latest incident is a continuation of the attack they had previously reported in early January, and that they they think it's going to get worse.

We believe that this trend presents a significant cybersecurity challenge in 2015.  Web site owners should ask questions about their malvertising protection before signing up with ads syndication networks.  More importantly, web site owners should deploy infection monitoring and detection solutions to protect their site visitors from malware infection.

The best way to protect yourself is to use an ad blocking plugin to provide an additional layer of security.

I do.

PC World

image by IntelFreePressYuri Yu. Samoilov

About Nate Hoffelder (11467 Articles)
Nate Hoffelder is the founder and editor of The Digital Reader: "I've been into reading ebooks since forever, but I only got my first ereader in July 2007. Everything quickly spiraled out of control from there. Before I started this blog in January 2010 I covered ebooks, ebook readers, and digital publishing for about 2 years as a part of MobileRead Forums. It's a great community, and being a member is a joy. But I thought I could make something out of how I covered the news for MobileRead, so I started this blog."

2 Comments on Huffington Post, Other Sites Hit by Malvertising via AOL Ad Network

  1. anotherdigitalreaderfan // 4 February, 2015 at 4:11 pm // Reply

    I’ve been enjoying flagfox addon. Shows the country flag of the server you are on in the url box in case you kicked over somewhere unexpected. Nate, recommend any add ons? I know adblock plus and Ghostery are popular.

2 Trackbacks & Pingbacks

  1. Maxthon Updates Windows, Android Web Browsers With Bundled Adblock Plus ⋆ Ink, Bits, & Pixels
  2. Aol Ad Hack – Adidass News

Leave a comment

Your email address will not be published.