The Economist’s anti-ad-blocking analytics service was hacked on 31st October (company officials did not disclose it until 5th November), and the compromised site led users to download malware onto their systems.
The Economist runs a service for publishers that provides statistics on the percentage of users reading their content with ad-blocking services on their site.
The service is known as PageFair. On 31st October, the service page began asking users to install an Adobe update, which was in reality malware planted by the hackers.
Although the security team discovered the hack within 5 minutes of it first appearing on the site, it took 80 minutes for the situation to return to normal.
Any user who used the service during that window might therefore have been affected.
According to a spokesperson, the numbers of users affected by the hack “are in hundreds”, and the users most vulnerable to this attack are those on the Windows operating system.
PageFair’s CEO was very disappointed by the attack and said in a blog post:
“If you are a publisher using our free analytics service, you have good reason to be very angry and disappointed with us right now. The attack was sophisticated and specifically targeted against PageFair, but it is unacceptable that the hackers could gain access to any of our systems.”
According to the latest updates, the malware left by the hackers was a type of keylogger, which can capture anything the user types on the keyboard. Sensitive data such as bank account passwords and credit card details might therefore be at risk if a user downloaded the malware and, unaware of it, enters that data on other sites.
Holy shit. Economist was using an anti-adblocker, which was hacked, and let malware onto user systems https://t.co/6QQV0swCXK
— Owen Williams (@ow) November 6, 2015
PageFair has already warned users about the security breach and has provided briefings on how to stay safe from it. It has also assured users that all the data in its own databases is secure and was not attacked by the hackers.
This is not the first time scammers have used Adobe to trick users into installing malware. In the past, scammers took advantage of the Hacking Team leak and started targeting users with an Adobe phishing scam.
In another malvertising campaign, hackers used a 0-day vulnerability in Adobe Flash to target Dailymotion users.