Alert Users: MSN Main Page Dropping Malware on User PCs

If you visit MSN.com there is a chance your PC has been affected with a malware — Outlook users should also check for it as upon signing out from their email they are redirected to MSN home page.

Once again, Microsoft becomes the victim of malicious malvertising, and the culprit behind these misleading ads is Adspirit. In August 2015, a malevolent and vicious malvertising campaign run by Adspirit was detected on MSN, The Drudge Report, Wunderground andWeather.com among others.

However, in its recent malvertising activities, AdSpirit seems to have abandoned the use of Angler exploit kits and instead, they appear to have joined the burgeoning trend of adopting the more advanced RIG and Neutrino exploit kits. This investment has allowed AdSpirit to avoid getting detected on web pages which have heightened securities to counter malicious activities of the Angler exploit kit.

alert-users-msn-main-page-dropping-malware-on-user-pcs-2
Flowchart shows how the users is affected with malware / Image Source: Malwarebytes

It seems that the malvertising activities were primarily aimed at German users, and experts at Malwarebytes have reported that the recent malvertising complaints on MSN also came from German users. The most infectious and malicious ads were by one of Germany’s most popular, budget superstore chain, Lidl.

Security experts have reported that the malicious ads could be easily seen because most of these ads had “advertiser domains freshly created a few days prior the attack or hiding behind the CloudFlare service.” Even though this malvertising campaign did not infect the test stations of the security researchers, in the past, similar malware has been reported to have infected the CryptoWall ransomware.

So, what exactly should be done to avoid malicious ads?

The easiest way is to install an ad blocker, however, sometimes users whitelist certain websites which trigger malevolent ads, therefore, the most efficient way to counter these malicious ads is to invest in a security product.

Since online users have become suspicious and are increasingly aware of spam campaign gimmicks which ask them to open a website and download the malware installer, these vicious actors have resorted to following the burgeoning trend of malvertising and infecting users with infectious ads on trendy and popular websites.

Uzair Amir

I am an Electronic Engineer, an Android Game Developer and a Tech writer. I am into music, snooker and my life motto is ‘Do my best, so that I can’t blame myself for anything.’