This message sponsored by Ming the Merciless…

An interesting story from Ars Technica. Hackers took control of a site which site authors use to inject anti-adblock code to their pages. They then injected code into the site which popped up a window telling users their Flash install was out of date, and offering a link to a download which was – of course – malware.

A few lessons from this –

• It’s still best to have no Flash installed, as then you know it’s a malicious popup
• I’m still going to run AdBlock to avoid compromises of ad servers
• I’m still going to remove Flash on any computer I see