Read the Economist last weekend? You may have fetched more than just articles (yup, malware)

News mag caught up in PageFair pwnage

Third bathroom reading material The Economist served malware from its website via the compromised PageFair network.

The biz mag today alerted readers that it put their PCs at risk last weekend.

"If you visited at any time between Oct. 31, 23:52 GMT and 01:15 GMT, Nov. 1, using Windows OS and you do not have trusted anti-virus software installed, it is possible that malware disguised as an Adobe update was downloaded onto your PC," the publication said.

Team Economist advises that anyone who received what appeared to be a Flash update from the website should change all of their passwords on their computer, and notify their banks and other financial institutions to check for suspicious activity.

The mag also recommends any exposed users install and maintain up-to-date antivirus software from Microsoft or a third-party security vendor, a good idea even for those who were not exposed to the Halloween weekend PageFair malware attack.

The malware outbreak was attributed to an attack on the popular PageFair publishing tool. Hackers were able to get into PageFair's systems and play a devious Halloween trick on the company and customers who use its tools to thwart ad-blocking plug-ins.

According to PageFair, the attackers stole employee credentials via a spear phishing attack and then took over the PageFair content distribution network. From there, the hackers began feeding publishers JavaScript code that attempted to download and install a botnet controller masquerading as an update for Adobe's Flash Player plugin.

It is estimated that the sites affected by the PageFair breach serve as many as 10 million page views per month.

The outbreak does no favors for PageFair's campaign to dissuade users from running ad-blockers, which are popular in large part because of their ability to shield users from malicious advertising copy. ®

Broader topics

Other stories you might like

Biting the hand that feeds IT © 1998–2022