Malware Served via Anti-Adblocking Service PageFair
You are here
Hackers breached the systems of anti-adblocking solutions provider PageFair and used the access to deliver malware via the publishers that rely on the company’s services.
PageFair helps web publishers measure and recover revenue lost due to ad blockers, which have become increasingly problematic for the advertising industry. The company says it serves more than 3,000 websites.
Malicious actors penetrated the company’s systems after gaining access to a key email account via a spear phishing attack. Once they obtained access, the attackers hijacked PageFair’s account on the content delivery network MaxCDN and modified settings to replace the company’s legitimate analytics JavaScript tag with a piece of malware disguised as an Adobe Flash Player update.
PageFair admitted that it had not activated two-factor authentication (2FA) on its MaxCDN account – the security feature was only activated after the incident was addressed.
Read more from this link http://www.securityweek.com/malware-served-anti-adblocking-service-pagefair