Menu
EN

Security experts exposed RoughTed — a massive malvertising operation

Cybersecurity technicians from Malwarebytes.com have researched a malvertising operation that had already been active for about a year with the peak on March, 2017. The malicious ads have gathered about half a billion clicks in just three month.

Malvertising is a cybercrime tool that works by breaking into ad networks and planting infected ads among others. Such adds carry viruses, trojans, ransomware and other types of malware. Notably, such ads needn't to be clicked at — they can do their black work just after being loaded by a browser.

The campaign described by Malwarebytes.com has been called RoughTed. Its ads have the ability to bypass adblockers (including Adblock Plus and uBlock origin). AdGuard users don't need to worry — we have long ago updated our filter lists.

Thanks to Malwarebytes.com, we can now evaluate the entire scale of RoughTed. Ads with malicious code were found on large web properties, many ranked within Alexa's top-1000. The campaign has mostly affected users of the United States and Canada, then - Britain, Italy, Spain and Brazil, but the victims were found in all regions of the world (except China).

The quality of the RoughTed operation is also impressive. The technologies used for the attacks, just like advertisement targeting software, determined the features of a victim's device - its location, operating system and other data, allowing to choose the optimal method of attack. Someone received a false warning that they need to update the software or contact the support team, someone was treated with a banking trojan (those steal financial information, bank card data, etc.), someone's computers were used to generate app or browser add-on installs (developers pay for app installations) ...

Fingerprinting was used for targeting, so it was possible even if the device had programs that block tracking and data mining.

As you can see, the harm from advertising is not limited to its intrusiveness, abuse of time and attention. Accordingly, blocking advertising is not a whim, but a security issue. You should choose a blocker that has agile and competent developers, who keep in touch not only with advertising novelties, but also with cyber threats, and update filters promptly. For example, AdGuard.

Malveritsing has been known for at least 10 years, among the distributors of infected ads were not only porn sites, torrent trackers and small properties whose webmasters were desperate to monetize them with the help of whatever is offered. This role is familiar to the sites of The New York Times (attacked in 2009), Huffington Post, The Daily Mail, Los Angeles Times, Forbes, Yahoo. A previous large malvertising campaign was described in the spring of 2016.

Forbes had a really funny incident: it had been distributing infected ads simultaneously with a campaign against ad blockers. Users with this software didn't see the articles on Forbes.com and saw a call to stop blocking ads. If they did, they became a victim of malware.

Liked this post?
By downloading the comments you agree the terms and policies

AdGuard
for Windows

AdGuard for Windows is more than an ad blocker. It is a multipurpose tool that blocks ads, controls access to dangerous sites, speeds up page loading, and protects children from inappropriate content.
User Reviews: 18578
4.7 out of 5
By downloading the program you accept the terms of the License agreement
Read more

AdGuard
for Mac

AdGuard for Mac is a unique ad blocker designed with macOS in mind. In addition to protecting you from annoying ads in browsers and apps, it shields you from tracking, phishing, and fraud.
User Reviews: 18578
4.7 out of 5
By downloading the program you accept the terms of the License agreement
Read more

AdGuard
for Android

AdGuard for Android is a perfect solution for Android devices. Unlike most other ad blockers, AdGuard doesn't require root access and provides a wide range of app management options.
User Reviews: 18578
4.7 out of 5
By downloading the program you accept the terms of the License agreement

AdGuard
for iOS

The most advanced ad blocker for Safari: it makes you forget about pop-up ads, speeds up page loading, and protects your personal data. A manual element-blocking tool and highly customizable settings help you tailor the filtering to your exact needs.
User Reviews: 18578
4.7 out of 5
By downloading the program you accept the terms of the License agreement

AdGuard Browser extension

AdGuard is the fastest and most lightweight ad blocking extension that effectively blocks all types of ads on all web pages! Choose AdGuard for the browser you use and get ad-free, fast and safe browsing.
User Reviews: 18578
4.7 out of 5

AdGuard for Safari

Ad blocking extensions for Safari are having hard time since Apple started to force everyone to use the new SDK. AdGuard extension is supposed to bring back the high quality ad blocking back to Safari.
User Reviews: 18578
4.7 out of 5
Available on the
App Store
Download
By downloading the program you accept the terms of the License agreement

AdGuard Home

AdGuard Home is a network-wide software for blocking ads & tracking. After you set it up, it’ll cover ALL your home devices, and you don’t need any client-side software for that. With the rise of Internet-Of-Things and connected devices, it becomes more and more important to be able to control your whole network.
User Reviews: 18578
4.7 out of 5

AdGuard Content Blocker

AdGuard Content Blocker will eliminate all kinds of ads in mobile browsers that support content blocker technology — namely, Samsung Internet and Yandex.Browser. While being more limited than AdGuard for Android, it is free, easy to install and still provides high ad blocking quality.
User Reviews: 18578
4.7 out of 5
By downloading the program you accept the terms of the License agreement
Read more

AdGuard Assistant

A companion browser extension for AdGuard desktop apps. It offers an in-browser access to such features as custom element blocking, allowlisting a website or sending a report.
User Reviews: 18578
4.7 out of 5
Assistant for Chrome Is it your current browser?
Install
By downloading the program you accept the terms of the License agreement
Assistant for Firefox Is it your current browser?
Install
By downloading the program you accept the terms of the License agreement
Assistant for Edge Is it your current browser?
Install
By downloading the program you accept the terms of the License agreement
Assistant for Opera Is it your current browser?
Install
By downloading the program you accept the terms of the License agreement
Assistant for Yandex Is it your current browser?
Install
By downloading the program you accept the terms of the License agreement
Assistant for Safari Is it your current browser?
If you can't find your browser, try the old legacy Assistant version, which you can find in AdGuard extension settings.
Downloading AdGuard To install AdGuard, click the file indicated by the arrow Select "Open" and click "OK", then wait for the file to be downloaded. In the opened window, drag the AdGuard icon to the "Applications" folder. Thank you for choosing AdGuard! Select "Open" and click "OK", then wait for the file to be downloaded. In the opened window, click "Install". Thank you for choosing AdGuard!
Install AdGuard on your mobile device