What are Drive-By and Rogue Malware Infections and how do you protect against them? For the answers, watch the video below:
Here are the notes and links discussed in the video above:
The “AdShufffle” attack (spelled with three f’s instead of two) targeted the ad networks of Google and Microsoft in order to spread the “HDD Plus” malware. More information from Security News Daily. AdShuffle is a legitimate advertising network; the perpetrators of this attack added an “f” to the domain name and fooled the Google and Microsoft ad networks into allowing the ads. Users who visited pages that displayed the malicious ad would have their computers infected if Internet Explorer, Java, or Adobe Reader products were not up to date with patches.
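A single extra letter in a trusted advertiser's domain, as described above, can be caught when a new advertiser is vetted by comparing its domain with those already approved. The sketch below is an added example, not from the original post; the `.example` domains, the allowlist and the `classify` helper are constructed for illustration.

```python
"""Flag advertiser domains that are near-misses of already-approved ones."""

# Constructed allowlist (assumption); a real deployment loads the vetted partner list.
APPROVED = {"adshuffle.example", "trustedads.example"}


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed with a rolling row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def squeeze(s: str) -> str:
    """Collapse runs of a repeated character: 'adshufffle' -> 'adshufle'."""
    out = []
    for ch in s:
        if not out or out[-1] != ch:
            out.append(ch)
    return "".join(out)


def classify(domain: str, approved=APPROVED, max_dist: int = 2):
    """Return (verdict, matched_domain); verdict is approved, lookalike or unknown."""
    d = domain.strip().rstrip(".").lower()
    if d in approved:
        return ("approved", d)
    for good in sorted(approved):
        # Same name once doubled letters are collapsed, or only a few edits apart.
        if squeeze(d) == squeeze(good) or edit_distance(d, good) <= max_dist:
            return ("lookalike", good)
    return ("unknown", None)


if __name__ == "__main__":
    for candidate in ["AdShuffle.example", "adshufffle.example", "othernet.example"]:
        print(candidate, classify(candidate))
```

A `lookalike` verdict is a reason to hold the advertiser for manual review, since a legitimate company can also have a name close to an approved one.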
Here are some examples from an actual Fake Alert that I observed recently:
The first pop-up looked like this:
After clicking the red close box, I received this second pop-up:
Even after closing that, this window popped up:
Notice how the “Windows Security Alert” looks very legitimate. If you look closely at the screen, however, there are a few typos.
What to do if your computer does get infected
We highly recommend scanning with a product called Malwarebytes. Download the free version here. Be sure to update Malwarebytes and your anti-malware software prior to running the scans. You may want to reboot into safe mode with networking to run your first scan; if you need assistance with that, let us know. You may want to run another scan after rebooting normally, and then scan with your antivirus software as well.