Forbes' awful interstitial ads are now even worse, having been used to spread malware
Chinese hackers are believed to have taken the worst part of Forbes’ website — the page that displays a “Thought of the Day” alongside some advertisement or another — and used it to distribute malware to a relatively small number of the website’s many daily visitors.
Forbes said in a statement to the Washington Post, which first reported on the hacking, that it discovered “no indication of additional or ongoing compromise nor any evidence of data exfiltration” during an internal investigation into the attack in December 2014.
The Post reports that the attack took advantage of two zero-day vulnerabilities -- one in Adobe Flash, the other in Microsoft’s Internet Explorer -- to conduct the attack. It’s not yet known who the suspected Chinese hackers were targeting with the three-day hacking.
The episode highlights a basic truth: sometimes the most annoying aspects of the Internet make consumers the most vulnerable to outside attack. It’s almost like the hackers wanted to rub salt in the wounds caused by having to see the damned interstitial in the first place.
Comcast did something similar when it started injecting advertisements into the Web browsers of consumers using its public Wi-Fi service. Besides annoying anyone using its networks, this decision also makes people vulnerable to attack, as Ars Technica reported:
Or Comcast’s will, anyway. It’s pretty easy to avoid malware spread via Forbes’ interstitials: just never visit the publication-turned-blogging platform ever again. You might miss out on the “Thought of the Day,” but your computer (and your brain) will thank you for it.