Thursday, May 28, 2015

Web ads redirecting entire web page

Trusted websites such as hotmail.com and slashdot.org occasionally have their pages completely redirected to an adverstitial.com page.  Investigation shows this is occurring from a javascript advertisement from an ad network.  The original sites are only involved in subscribing to the ad network, which is allowing shady ads.

Those running unix can edit /etc/hosts to block the ad domains.

Those who have access to their router can add a rule to their router firewall to block the domains.  A couple domains involved with hijacking the entire web page seems to be adverstitial.com and cpmaxads.com.
 

Those running a version of Microsoft Windows prior to version 8 can also edit the hosts file.  Those running MS Windows 8 with Windows Defender will find any changes to the hosts file will be undone by Windows Defender.

The quickest way for the average modern MS Windows user to prevent the page hijack is to install an ad blocker such as Adblock Plus.