Wireless adware threat uses "carrier" computer to spread

Share this article:

Researchers at the University of Calgary are warning of a future threat that leverages a public wireless connection to bombard PCs with adware.

The risk involves using a "carrier" computer hooked up to an unencrypted wireless connection, according to a news release on Friday. That machine is able to convince other computers using the same connection to "communicate with it and not the legitimate access point." Then, it inserts adware onto these laptops, typically in the form of advertisements on videos and websites.

The researchers have dubbed the threat "typhoid adware" because it is transmitted through a seemingly healthy computer, much like Typhoid Mary experienced no symptoms of typhoid fever but was responsible for infecting scores of people.

"Typhoid adware is designed for public places where people bring their laptops," said associate professor John Aycock, who co-authored a paper on the threat and presented findings at a recent conference in Paris. "It's far more covert, displaying advertisements on computers that don't have the adware installed, not the ones that do."

So far, the risk is only proof of concept, but the researchers expect it to hit the wild sometime soon.

To prevent against such an attack, the researchers, who also included an assistant professor and two students, said machines must run software and settings that prevent communication with the carrier computers. In addition, users should avoid clicking on links from untrusted sources.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

ISSA tackles workforce gap with career lifecycle program

ISSA tackles workforce gap with career lifecycle program ...

On Thursday, the group launched its Cybersecurity Career Lifecycle (CSCL) program.

Amplification DDoS attacks most popular, according to Symantec

Amplification DDoS attacks most popular, according to Symantec

The company noted in a whitepaper released on Tuesday that Domain Name Server amplification attacks have increased 183 percent between January and August.

Court shutters NY co. selling security software with "no value"

A federal court shut down Pairsys at the request of the Federal Trade Commission.