In the mobile world, most of us have become accustomed to installing apps that display ads in exchange for the them being free. Most ads aren’t too annoying, and for the price it is worth having them displayed. It’s a fair compromise—until the ad servers tell you you’re infected.
The website for Just For Men, a company that sells various products for men, had their website breached and was serving a password stealing Trojan. The malicious code embedded in the WordPress site was part of the EITest campaign and pushed the RIG exploit kit.