I recently wrote about how the Angler malware threat had affected my company. Adversaries have been buying space on legitimate advertising banner services, embedding malware in their fake ads, and using the unsuspecting ad agencies to serve their malware through legitimate websites to users, who might be innocently browsing major news and financial websites. It continues to be a problem for me.

Today, for example, I got an alert about an infection attempt via a training website. I’m also seeing an increasing number of Angler infection attempts coming via Web searches. The malware-bearing search results all look the same: seemingly random text from some old book, probably some classic of literature, that doesn’t make any sense in the context of the Web search. That doesn’t matter, though; it’s just there to serve up malware to any unsuspecting users who click on the search result. One of my users was hit yesterday while trying to find a hiking website in India.

To read this article in full or to leave a comment, please click here