Businesses that allow the Ask.com toolbar in their environments might want to rethink that after endpoints equipped with the browser add-on were compromised last November and then again the very next month using pretty much the same attack methods.
In both cases attackers managed to infiltrate the Ask.com updater infrastructure to the point that they used legitimate Ask signing certificates to authenticate malware that was masquerading as software updates.
And in both cases Ask Partner Network (APN), which distributes the Ask.com toolbar, told the security vendors who discovered the incidents that it had fixed the problem. The first one was discovered by security vendor Red Canary, and the second was caught by Carbon Black, whose researchers just wrote about it in their company blog.
To read this article in full or to leave a comment, please click here
Source: News Feed