Cyber Incident Victim: Forbes
Date:
Jan 2016
Location:
United States of America
Summary
Forbes's website reportedly served malware to visitors who disabled ad-blockers, as experienced by a digital forensics expert. The malicious content, potentially from third-party ad networks, led to unintended malware installation on users' systems. This incident followed a prior compromise where attackers exploited software vulnerabilities to distribute malware through the site, highlighting ongoing security challenges with ad-supported platforms.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In early 2016, visitors to Forbes Magazine’s website were exposed to malware when complying with the site’s request to disable ad-blockers. Digital forensics expert Brian Baskin encountered this threat after turning off his ad-blocker while accessing Forbes, resulting in malware delivery to his system. The malware likely originated from compromised third-party advertisements displayed on the site, though the article’s authors noted they could not replicate the infection during their own testing. This incident followed a similar February 2015 event where attackers exploited unpatched vulnerabilities in Adobe Flash and Internet Explorer to install malware on Forbes visitors’ devices. Both incidents demonstrated persistent security weaknesses in Forbes’ digital advertising ecosystem, though the article did not specify whether Forbes directly hosted malicious content or unknowingly distributed it through compromised ad networks. The primary impact was unauthorized malware installation on end-user systems visiting the legitimate news site, with no reported containment actions or detection methods detailed in the source material.
The malware delivery incidents highlighted broader industry failures in digital advertising security. Ad networks and publishers had reportedly neglected to implement effective malware detection systems for at least a decade prior to these events, despite ad networks generating substantial revenue from publisher partnerships. Forbes’ recurring malware incidents occurred despite existing countermeasures like Adblock Plus’ “Acceptable Ads” program and native ad-blocking features emerging in Apple devices. The article noted publishers generally failed to invest in protective measures despite these repeated security breaches, maintaining reliance on vulnerable third-party ad networks. No specific remediation actions by Forbes were documented, though the incidents damaged user trust in the publication’s digital security posture. The attacks exploited standard website functionality – advertising displays and vulnerability-laden plugins – rather than sophisticated intrusion methods, underscoring systemic security gaps in mainstream digital publishing infrastructures.