PerezHilton.com, home to Hollywood and celebrity gossip news, has served up a new set of malicious ads to some of its half a million daily site visitors.
The site has been pwned before, by malvertising campaigns using the Angler Exploit Kit. Nick Bilogorskiy, a Cyphort researcher, says the site was redirecting users to an Angler Exploit Kit.
This time the infection is different, using another Exploit kit; another redirector from AOL (adtechus.com) and using Amazon Cloudfront CDN to distribute the malware. After, Angler usually drops Bedep malware, which will further download and infect a victim's machine with CryptXXX ransomware.
“Many users fought back by disabling all advertising to secure themselves. Nearly 200 million now use Adblock, according to Statista. In 2015, this form of ad blocking cost publishers nearly $22 billion (£15 billion),”said Bologorskiy.
Similar malvertising campaigns have also recently affected Google's Blogger platform (Blogspot), security information portal VirusBulletin, and the news portals of CBS-affiliated TV stations.
“Malvertising growth continues, and is on pace for the largest year ever,” added Bologorskiy.