Mole ransomware entered via a malvertising operation.
Mole ransomware entered via a malvertising operation.

If colleges struck last week with ransomware attacks had ad blockers on their systems, they likely could have avoided trouble, according to a post from security researcher Graham Cluley.

Cluley explained that rather than malicious email attachments being the means of entry, as is usually the case in ransomware campaigns, the scourge which last week hit two U.K. universities, University College London and Ulster University, was the consequence of a malvertising operation – in which toxic advertisements on legitimate websites deliver, in this case, Mole ransomware through use of an exploit kit. Users visit what appears to be a legitimate site, but even merely browsing to the site containing the poisoned ad – not needing even to click a link – their computers become polluted with the ransomware.

Cluely's advice begins with the tried and true: Keep computers up to date with security patches and the latest anti-virus software. But, further, he advocates considering running an ad blocker. "An ad blocker will prevent ads from appearing in your browser," he wrote. "It means that your browsing will not only be faster and more private (unscrupulous advertisers are known to track your movements online), but also safer."