14 DAY TRIAL // The Internet is no longer a safe place and we all know it. But the web is divided into two parts: the safe side and the dangerous side. Today, we're talking about the first one which is obviously preferred by all of us. The safe Internet usually contains famous websites such as Google and Yahoo which provide only trusted content and files which can be downloaded without being afraid of a virus or other dangerous material. But even if you trust them, it seems like those famous pages turn into a real threat. According to Channel Register, some new attackers target well-known websites in order to trick visitors to install malware and other malicious software on their computers.
Don Jackson, a researcher with security provider SecureWorks said that attackers aim to modify the adverts in order to create a pop-up which asks users to install dangerous applications and provide sensitive information concerning their credit cards.
"These are pretty well-respected, high-traffic websites. The point is to compromise [the user's machine] and basically have it on demand," the researcher said for the same source mentioned above.
The entire procedure to implement the malicious content into the adverts is done after the attackers buy advertisements on large websites which are often trusted by the users. Moreover, the ads seem to be legitimate and no one can tell exactly if they can serve malware files or not.
At this time, there's only one solution to avoid a potential exploitation of the scam: install the NoScript extension for Mozilla Firefox or configure your browser to disable web scripts. "Users who allow the site to run javascript so, for example, it can provide local weather forecasts, will not be protected, Jackson said," the Channel Register continued.
Now, is it worth it? Can the scammers use the malware installed on your computer to earn money or something else? I really don't know but the credit card information can be surely used for transaction or other types of malicious actions.