Comcast is a huge corporate Goliath. They own NBC/Universal, and are getting ready to build a new Universal Studios theme park in Beijing. They also own the cable and broadband provider that is so notorious for poor customer service that they had to try to change their name from Comcast to Xfinity. A recent news story has Comcast complaining to a customer’s employer, getting him fired because he dared to complain about his shitty cable service! Yet, despite all of that corporate income, Comcast is still greedy enough to run advertisements on their homepage that gets automatically loaded for their broadband subscribers. It is through these ads that users are being targeted with malvertising downloads.
In the image above, you can see the prominent ad placement next to the red arrow. Why does Comcast need to monetize their default landing page for their broadband subscribers? Because they simply must squeeze every dime they can from their user base. Below is an image from Invincea’s FreeSpace that shows that this ad window dropped two malicious trojans.
http://t.co/AWUYVqM9Pf's homepage drops Malvertising! @Invincea killed it. @Comcast Y U put ads on your homepage? pic.twitter.com/Y18CyrAlL5
— Honey Badger Clicker (@BelchSpeak) October 13, 2014
One is the Kryptik trojan that does keylogging and the other is unknown by the Antivirus industry. Luckily for this user, he was protected from Comcast’s malvertising attack, but it is a certainty that many others were not protected. So on top of paying outrageous broadband prices, Comcast customers are being targeted to have their banking accounts possibly drained, or having their hosts join a botnet.
Stop being greedy, Comcast.
Updated! Comcast won’t let you disconnect.
