And for every result that you’d find on the net, there’s another clarification announcement from Adsterra how they have “Zero Tolerance For Scam and Malicious Advertising”. Essentially their stand basically is that they are merely a platform and are not a source of malware themselves. But that doesn’t absolve them of answerability.
Here are a few screenshots for you if you are facing js redirects by Adsterra malware:
airlinerappetizingcoast.com/56ee5ccd1d3112b4a581ca8408f53f17/invoke.js which does some real nefarious stuff. While the code is criminally cryptic, it’s easy to figure out that it triggers malicious actions based on the operating system, device type of the website visitor and redirects them to an endless chain of popups that would look pretty legit to an unsuspecting / frustrated website visitor. Chances are that one may end up clicking one of the buttons and end up downloading malware onto their devices. This may infect the device and potentially cause data loss and / or further malware spread. Here’s the cryptic code that we saw in this specific instance:
A few other rogue domains where this script redirects: continuousformula dot com, protect-web dot xyz, fostereminent dot com, etc.
In case of WordPress, this adware code may have been injected in the database (by a plugin that you use for configuring and displaying ads) or the theme-template files (in case the developer hardcoded those ads).
- Install the free Malcure Malware Scanner plugin.
- Update Definitions and Scan your WordPress website for malware.
- Once the results are ready, they’d indicate whether the malware is present in the database or the theme / template files.
- Use phpMyAdmin to cleanup the database or a code editor over S/FTP to remove the code from your theme template files.
If you are using Adsterra, we’d strongly suggest you consider the long-term business model of your website and extend some thought to the website visitors.