If you are interested in how VeryMal works, The Register has a good write up here.
Here is some more Tech News from around the web:
- Intel reports 13% revenues growth for 2018 @ DigiTime
- Facebook to combine Instagram, WhatsApp and Messenger @ The Inquirer
- Nintendo throws out Metroid Prime 4 work, restarts with Retro Studios @ Ars Technica
- More money than sense? Turn your iPhone into a spoon with the Kickstarter nobody asked for @ The Inquirer
- Hole-punch, foldable screens rising as new handset designs @ DigiTimes
- Intel Is Working On A Vulkan Overlay Layer, Inspired By Gallium3D HUD @ Slashdot
- You're an admin! You're an admin! You're all admins, thanks to this Microsoft Exchange zero-day and exploit @ The Register
- Windows Server 2019 vs. Linux vs. FreeBSD Gigabit & 10GbE Networking Performance @ Phoronix
- Sprint subscribers: What do your updated iPhone and Tonga have in common? Both are cut off from the world @ The Register
All the more reason to
I’d even say that Images should be randomly Salted to wipe out any Steganography hidden values and disrupt the ability to use Image content for payload pushing.
Next time a site asks me to
Next time a site asks me to whitelist them on ublock, I’ll paste a link to this story. Thank you!
Promise you will use a tool
Promise you will use a tool like this and send them a screengrab!
Why aren’t the ad companies
Why aren’t the ad companies re-creating the images that are uploaded. Like some image boards will do to prevent malware?
Ad companies so far don’t seem to have any reason to vet the ads because it is cheaper to copy and paste a boilerplate apology when a bunch of people get hit with ransomware than it is to invest in any kind of vetting process.
As much as we would like to see things change, most website owners are either unwilling or unable to drop a bad advertiser. Because of this, they are not at risk of losing their reach, and with no other consequences (not like they are going to cover the ransom or other costs incurred due to a malicious ad), there is no reason for them to change.
With advertisers being unwilling to change, and website owners being unwilling to or not in a position to risk that revenue, the only tool the rest of us have, is ad blocking.
If an ad network wants to restore faith in their service, they need to vet their ads, and back that commitment by offering to cover the cost of any damages incurred due to a malicious ad.
There is only 2 reasons why they refuse it.
1: They know their ads are bad and with their hundreds of millions of billions of dollars in profit, if they had to bear the cost of the damage caused by the malicious ads, it would financially destroy the company.
2: They have no interest in vetting the ads, and don’t care about the damage caused. They take pride in accepting money from criminals because regardless of the ad, they are being paid for the ad contract, thus any step towards preventing malicious ads, is money lost due to less cash flow from the criminals.