Akhristayaasha shabakadaha waaweyn sida Vice News , CNET , Verge , Neowin iyo in ka badan, ayaa la kulmay khataraha amniga tan iyo 2015 sababtoo ah xayeysiisyada ay ka wadaan xayeysiiska PowerLinks waxay isticmaalaan shahaadooyin SSL dhacay. ^(SSL)Waa kuwan waxa socda, waxa aad isu muujinayso marka aad akhrinayso daabacado ay ku jiraan xayaysiisyada PowerLinks iyo waxa aad samayn karto si aad ammaan u ahaato:

Xayeysiisyada loo soo mariyo PowerLinks waxay leeyihiin shahaadooyin SSL oo dhacay Oktoobar 2015^{(October 2015)}

Markii aan akhriyay dhowr shabakadood oo ku jira kombayutarkayga gaarka ah, waxaan ogaaday in xalkayga ammaanku uu ka cabanayo in browserkaygu uu isku dayayo inuu ku wada xidhiidho kanaal sir ah oo wata shahaado aan la aamini karin. Anti-virus-kaygu ma dammaanad qaadi karo xaqiiqada domainka laga sameeyay xidhiidhka sir ah, taasina waxay khatar amni ii keentay. Markii hore, waan iska dhega tiray digniintan oo waan sii waday akhrinta. Si kastaba ha noqotee, ka dib markii aan ku arkay dhowr shabakadood oo waaweyn, waxaan bilaabay inaan fiiro gaar ah u yeesho oo aan si faahfaahsan wax u barto.

Waxaan la yaabay markii aan ogaaday in digniintan lagu soo bandhigay daabacado waaweyn oo khadka ah oo ay had iyo jeer sababto xayeysiisyada laga keeno pw.powerlinks.com. Dhammaantood waxay haystaan ​​shahaadada SSL ee dhacay Oktoobar 2015^{(October 2015)} , sida aad hoos ku arki karto.

Si aan laba jeer u hubiyo in tani run tahay iyo in kale oo aanay ahayn digniin been ah, waxaan isku dayay badeeco kale oo ammaan ah oo heer sare ah, natiijaduna waa isku mid. Waxaan dhex maray shabakado badan waxaanan ogaaday in isla dhibaatadu ay ku soo noqnoqonayso magacyo waaweyn oo adduunka daabacaadda ah.

Maxay PowerLinks bixisaa daabacayaasha?

Marka loo eego degelkooda rasmiga ah, PowerLinks waxay leedahay faylal dhammaystiran oo xalal xayaysiis iyo adeegyo ah. Waxay bixiyaan Adeegaha Xayeysiiska ee boggaga ku jira galka macaamiishooda, madal Isweydaarsiga Xayeysiiska^{(Ad Exchange)} , xayeysiisyada asalka ah (qoraal, muuqaal-muuqaal, muuqaal-ku-fid iyo xayeysiis-muuqaal) iyo in ka badan.

Maxay tani u tahay arrin? Dhibaatooyinka aan la kulano marka shabakadaha ay soo bandhigaan xayeysiisyada shahaadooyinka SSL dhacay^(SSL)

Haddii aadan haysan xal ammaan oo wanaagsan oo lagu rakibay, waxaa laga yaabaa inaadan waligaa dareemin arrintan. Si kastaba ha noqotee, haddii aad isticmaasho fayraska wanaagsan kaas oo baadhaya taraafikada HTTP -gaaga wakhtiga dhabta ah, markaa waxaad ka xanaaqi doontaa degdegga amniga dhowr daabacaad oo warbaahineed oo adeegsada adeegyada xayeysiinta ee ay bixiso PowerLinks .

Marka aan dhinac iska dhaafno arrinta cadhada leh, waxa aanu waydiinay Catalin Patrascu (madaxa Waaxda Amniga^{(Information Security)} iyo Dabagalka ^{(Monitoring Department)}ee Kooxda Ka jawaabista Dhacdada Amniga Kombiyuutarka Qaranka^{(National Computer Security Incident Response Team)} Romania ) khataraha amni ee ku lug leh xayaysiimahan, waxa uuna yidhi sidan soo socota:

"Aragti ahaan, xaqiijinta shahaadooyinka SSL waa la samayn karaa in kasta oo ay dhacday. Isticmaalayaasha la qabsaday qaladkan oo aan hubin shahaadada SSL mar kasta oo ay helaan qaladka, waxaa jira khatar ah in loo wareejiyo xaasidnimo boggaga iyo noqoshada bartilmaameedka weerarrada dhex-dhexaadka ah"^{("Theoretically, the verification of SSL certificates can be done even though they are expired. For the users that get used to this error and don't check the SSL certificate each time they get the error, there is the risk of getting redirected to malicious pages and becoming the target of man-in-the-middle attacks")} .

Waxyaabo kale oo muhiim ah in la tixgeliyo waa in xayeysiisyadani ay sidoo kale la socdaan xogta isticmaalaha iyo habdhaqanka isticmaalaha. Xogtan waxaa loo diraa kanaal aan ammaan ahayn, taasoo ka dhigaysa mid u nugul faragelinta dhinacyada aan loo baahnayn.

Mareegaha ay arrintani saamaysay waxaa ka mid ah: The Verge , Vice News , CNET , iyo kuwo kale

Ma garanayno liiska saxda ah ee shabakadaha ay arrintan saamaysay. Waxaan u qaadaneynaa in dhammaan macaamiisha PowerLinks ay halis ku jiraan. Ilaa hadda, waxaan ku ogaanay dhibaatadan daabacadaha warbaahinta waaweyn sida Verge , Vice News , CNET , Neowin iyo kuwa kale. Websaydhyadani waxay leeyihiin daraasiin malaayiin ah oo akhristayaasha ah bishiiba, iyo amniga dhagaystayaashooda ayaa la geliyey halis maalin kasta oo ay maamulaan xayeysiisyada PowerLinks , tan iyo ^(PowerLinks)Oktoobar 2015^{(October 2015)} .

Dhibaatadan waxaa keenay dayacaad cad oo dhanka PowerLink ah

Waxa aan halkan kula macaamilaynaa waa dayacaad cad. Shahaadooyinkan SSL may dhicin dhawr maalmood ama bil. Waxay dhacayeen ilaa 2015 iyo PowerLinks ma qabanayaan shaqadooda ah bixinta xal xayaysiis aamin ah daabacadaha onlineka ah iyo akhristayaasha daabacadahaas labadaba. Kooxdooda farsamada ma aysan ogaanin in xayeysiiskooda xayeysiisku ay isticmaalaan shahaadooyin SSL oo dhacay sanado badan oo aan waxba u qaban si ay u xaliyaan dhibaatadan iyada oo malaayiin akhristayaasha khatar gelinaya. Sameeyayaasha^(Did) malware ma ka faa'iidaysteen arrintan? Taasi waa su'aal wanaagsan, mana hubno in PowerLinks uu ka jawaabi karo iyo in kale. Dhammaadkii, xitaa ma aysan daryeelin waxyaabaha aasaasiga ah sida taariikhda dhicitaanka.

Waa kuwee^(Which) badeecadaha amniga ee iga caawiyay in aan ogaado arrintan?

Markii ugu horeysay ee aan dhibaatadan helo waxay ahayd markii aan dhex wareegayay qaar ka mid ah mareegaha aan hore u soo sheegay oo aan isticmaalay ESET Smart Security sida fayraskayga.

Arrintaan waxaa sidoo kale xaqiijiyay Kaspersky Total Security , sida aad hoos ku arki karto.

Waxaan ku faraxsannahay in alaabooyinkani ay qabteen shaqadoodii ahayd inay nagu wargeliyaan oo ay naga ilaaliyaan dayacanka amniga ee madal xayeysiisyada PowerLinks waxayna naga caawiyaan inaan furfurno waxa socda. Waa caddayn dheeraad ah in aad had iyo jeer ku rakibto alaab-ka-hortagga koox saddexaad oo aad joojiso daalacashada shabakadda, oo aan la hubin. Haddii aad xiisaynayso inaad wax badan ka ogaato khataraha ku lug leh baadhitaanka shabakadda iyadoon la ilaalinayn, akhri tijaabadan aanu wadnay: Sida loo faafiyo Windows PC-gaaga markaad ka baadhayso shabakadda waxyaabo bilaash ah^{(How to infect your Windows PC while browsing the web for free stuff)} .

Maxaan ka caawinnay akhristayaasha iyo daabacadaha ay saameysay arrintan amni?

Ugu horrayn^(First) , waxa aanu maqaalkan u qornay in aanu qof walba ku wargelino arrintan. Waxaan sidoo kale waydiisanay PowerLinks faallo rasmi ah. Si kastaba ha ahaatee, iimaylka rasmiga ah ee ay la soo xidhiidhaan ma shaqaynayo, oo waxa kaliya ee aanu helnay waa Fashilanka Xaalada Gaadhista^{(Status Notification Failure)} , oo aad hoos ka arki karto.

Waxaan maqaalkan u dirnay dhammaan daabacadaha warbaahinta ee aan ogaanay in ay saameeyeen, iyo sidoo kale PowerLinks , iyaga oo isticmaalaya kanaalada warbaahinta bulshada. Waxaan rajaynaynaa in aanay iska indho tirin fariintayada oo ay qaadi doonaan tallaabooyin ay ku xallinayaan dhibaatadan.

UPDATE (03/21/2017): Waxaan ugu dambeyntii ku guuleysanay in fariintayada loo diro PowerLinks , waxaana jawaabta soo socota ka helnay Branden Smythe , VP Horumarinta Ganacsiga^{(VP Business Development)} :

"Waxaan helay ogeysiis ah inaad la xiriirtay PowerLinks. Waxaan wax ka qaban doonaa walaacyada aad soo bandhigtay waqti dhow."^{("I received notice that you reached out to PowerLinks. We will address the concerns you posted shortly.")}

Maanta waxaan dib u eegnay mareegaha aan ka helnay arrimaha aan soo sheegnay oo hadda si wanaagsan u shaqeynayaan. Waxay u muuqataa in PowerLinks ay samaysay tillaabooyinka lagama maarmaanka ah si loo sugo xayeysiiskooda dhammaan mareegaha, taas oo ah mid aad u fiican. Waxaan rajeyneynaa^(Hopefully) , inay wax ka baran doonaan dhibaatadan oo ay si wanaagsan u daryeeli doonaan aasaaska amniga sida taariikhda dhicitaanka shahaadooyinka SSL .

Maxaad samayn kartaa si aad naftaada uga ilaaliso xayeysiisyada PowerLinks ee aan ammaan ahayn?^(PowerLinks)

Haddii xalkaaga ammaanku uu ka cabanayo shahaadooyinka SSL ee dhacay ee ay adeegsadeen xayeysiisyada PowerLinks , waa inaad xannibtaa. Haddii aadan haysan anti-virus-ka kaas oo baadhaya taraafikada HTTP -ga ee waqtiga-dhabta ah, markaa waa inaad ku socodsiisaa mareegahan adigoo isticmaalaya hababka^{(private browsing modes)} wax baadhista ee gaarka ah oo sidoo kale xannibaya xayeysiisyada aan sugnayn ama aad hesho hab kale oo aad u xannibi karto. Ma nihin taageereyaal xannibaya xayaysiisyada shabakadaha aan soo sheegnay sababtoo ah xayeysiisku waa waxa ka dhigaya daabacadahan inay awoodaan inay siiyaan qof kasta oo leh waxyaabo fiican. Waxaan rajeyneynaa, dhibaatadan in si dhakhso ah loo xalin doono, dhammaanteenna waxaan ku raaxaysan karnaa daabacaadyada aan jecelnahay, si badbaado leh, iyada oo aan xannibin xayaysiiskooda oo aan u oggolaan inay dakhli ka helaan shaqadooda.

PowerLinks ads put millions of readers at risk, from major publications like The Verge, Vice News and more

Readers of major websites like Vice News, CNET, The Vergе, Neowіn аnd more, have been exposed to ѕecurity riѕkѕ since 2015 beсause the ads they run from the PowerLinks advertising platform use expired SSL certificates. Here's what is going on, what yоu are exposing yourself to when reading publications that include PowerLinks ads and what you can do to stay safe:

The ads served through PowerLinks have SSL certificates that expired in October 2015

While reading several websites on my personal computer, I have noticed that my security solution was complaining that my browser is trying to communicate over a channel that is encrypted with an untrusted certificate. My antivirus could not guarantee the authenticity of the domain to which the encrypted connection was established, and this posed a security risk for me. Initially, I ignored this warning and just kept reading. However, after seeing it on several big websites, I started paying attention and studied things in more detail.

I was surprised to find that this warning is shown on large online publications and it is always caused by ads served from pw.powerlinks.com. All of them have an SSL certificate that expired in October 2015, as you can see below.

To double check whether this was true and not just a false alarm, I tried another top-notch security product, and the results were the same. I navigated more websites and noticed that the same problem was repeating for some big names in the publishing world.

What does PowerLinks offer publishers?

According to their official website, PowerLinks has a comprehensive portfolio of advertising solutions and services. They offer an Ad Server for the sites in their portfolio of clients, an Ad Exchange platform, native ads (in-text, in-video, in-image, in-feed and in-display ads) and more.

Why is this an issue? The problems we're exposed to when websites display ads with expired SSL certificates

If you don't have a good security solution installed, you might never notice this issue. However, if you use a good antivirus which scans your HTTP traffic in real-time, then you will be annoyed by a security prompt on several large media publications that use advertising services provided by PowerLinks.

Leaving the annoyance factor aside, we asked Catalin Patrascu (head of the Information Security and Monitoring Department at the Romanian National Computer Security Incident Response Team) about the security risks involved with these ads, and he stated the following:

"Theoretically, the verification of SSL certificates can be done even though they are expired. For the users that get used to this error and don't check the SSL certificate each time they get the error, there is the risk of getting redirected to malicious pages and becoming the target of man-in-the-middle attacks".

Another important thing to consider is that these ads also track user data and user behavior. This data is sent through an insecure channel, leaving it vulnerable to interception by unwanted parties.

The websites that are affected by this issue include: The Verge, Vice News, CNET, and more

We don't know the exact list of websites that are impacted by this issue. We assume that all PowerLinks customers are at risk. So far, we have identified this problem on large media publications like The Verge, Vice News, CNET, Neowin and others. These websites have dozens of millions of readers each month, and the security of their audience has been put at risk every day they have run PowerLinks ads, since October 2015.

This problem is caused by plain negligence on PowerLink's part

What we are dealing here is plain negligence. These SSL certificates have not been expired for a couple of days or a month. They have been expired since 2015 and PowerLinks are not doing their job of offering secure advertising solutions to both online publications and readers of those publications. Their technical team did not notice that their advertising platform uses SSL certificates that have been expired for years and did nothing to solve this problem while putting millions of readers at risk. Did malware creators exploit this issue? That's a good question, and we're not sure whether PowerLinks can answer. In the end, they did not even take care of basics like expiration dates.

Which security products helped me discover this issue?

The first time I found this problem was when I was navigating some of the websites I mentioned earlier and used ESET Smart Security as my antivirus.

This issue was also confirmed by Kaspersky Total Security, as you can see below.

We're pleased that these products did their job in informing us and keeping us safe from the security vulnerabilities of the PowerLinks ads platform and helps us unravel what is going on. It's further proof that you should always install a third-party antivirus product and stop browsing the web, unsecured. If you are curious to learn more about the risks involved with browsing the web unprotected, read this experiment that we have run: How to infect your Windows PC while browsing the web for free stuff.

What did we do to help readers and publications that are affected by this security issue?

First of all, we wrote this article to inform everyone on this matter. We also asked PowerLinks for an official comment. However, their official contact e-mail doesn't work, and all we received is a Delivery Status Notification Failure, which you can see below.

We sent this article to all the media publications that we've found that are affected, as well as to PowerLinks, using their social media channels. We hope that they won't ignore our message and will take measures to fix this problem.

UPDATE (03/21/2017): We finally managed to get our message sent to PowerLinks, and we received the following answer from Branden Smythe, VP Business Development:

"I received notice that you reached out to PowerLinks. We will address the concerns you posted shortly."

Today, we checked again the websites where we have found the issues that we described and things are now working well. It seems that PowerLinks has performed the necessary steps to secure their ad delivery on all websites, which is great. Hopefully, they will learn from this problem and take better care of security basics like the expiration date of SSL certificates.

What can you do to protect yourself from insecure PowerLinks ads?

If your security solution is complaining about the expired SSL certificates used by PowerLinks ads, you should block them. If you don't have an antivirus which scans your real-time HTTP traffic, then you should run these websites using private browsing modes that also block the insecure ads or find some other way of blocking them. We are not fans of blocking ads on the websites that we have mentioned because advertising is what keeps these publications able to provide everyone with great content. Hopefully, this problem will be solved soon, and we can all enjoy our favorite publications, safely, without blocking their advertising and allowing them to earn revenue from their work.

Related posts

• Jamey Heary oo ka socda Cisco: Hay'adaha ku shaqeeya macluumaadka xasaasiga ah, isticmaala WiFi sir ah, VPN, iyo apps sir ah

• Amniga internetka iyada oo loo marayo waxbarashada: Kaspersky Interactive Protection Simulation

• Abaalmarinnada - Alaabta antivirus ugu caansan sanadka 2017

• Maxaa ka cusub Windows 10 Cusbooneysii November 2019?

• Sifooyin cusub oo u imanaya Windows Defender gudaha Windows 10 Cusboonaysiinta abuurayaasha

• 3 Sababood oo ay ugu daraan koodka QR gudaha Windows 10 BSODs waa fikrad xun

• 9 shuruudood oo muhiim ah oo la isticmaalo marka aad dooranayso software-ka antivirus

• 10 waxyaalood oo waaweyn oo ku saabsan Chrome OS, Chromebooks, iyo Chromeboxes

• Ma u baahan tahay inaad iibsato Antivirus-ka, suudhka Amniga Internetka ama Suite Amniga Guud?

• 7 sababood oo ay tahay inaad u hesho Windows 10 Oktoobar 2018 Cusbooneysii

• 4 apps oo kaa caawinaya inaad ogaatid caafimaadka qalabkaaga Android

• Sida loo faafiyo PC-gaaga Windows-ka marka aad ka baadhayso shabakadda waxyaabo bilaash ah

• 8 sababood oo ay Cyberghost VPN u tahay mid ka mid ah VPN-yada ugu fiican suuqa

• 6 siyaabood oo looga baxo Windows 11 - WebSetNet

• Dib u eeg ESET Smart Security Premium: Ilaalinta dhamaystiran ee kombayutaradaada

• Sida loo furo Disk Defragmenter gudaha Windows (hababka 12)

• Windows 10 waa la yaab leh! Halkan waxaa ah 12 sababood oo sababta!

• Sida loo isticmaalo Windows USB/DVD Download Tool

• Abaalmarinnada - Alaabta antivirus ugu hal-abuursan ee 2017

• Sida loo tafatiro, loo nadiifiyo, oo loo tirtiro doorsoomayaasha deegaanka gudaha Windows-