Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Malware Infected Google Ad Campaign Knocks Users

Pcworld.com published a report on 8th April, 2015 quoting a warning of security experts as "a large number of ads distributed by a partner of Google advertising redirected users to Web-based exploits which tried to install malware on user's computers."

Security researchers from Fox-IT, a Dutch security firm, observed the malvertising campaign wherein ads coming from a partner of Google in Bulgaria known as Engage Lab began redirecting users to the Nuclear Exploit Kit.

Especially, exploit kits are platforms of Web-based attack which attempt to exploit vulnerabilities in browsers and browser plug-ins to infect computers of users with malware.

According to analysis of Fox-IT, the version of Nuclear exploit kit (EK) used by attackers tries to take advantage of vulnerabilities in outdated versions of Adobe Flash Player, Microsoft Silverlight and Java.

Softpedia.com published news on 8th April, 2015 quoting Maarten van Dantzig, Security Researcher of Fox-IT, as saying "the malicious ads first lead to an intermediary website which then redirects to a domain hosting Nuclear EK."

The investigation revealed that cybercriminals are regularly changing domains to avoid detection and increase the lifespan of the infamous operation.

Dantzig says that they have not been able to identify the nature of the malware delivered through plug-in exploit but discovered the command and control (C&C) server the malware used which seems to be in the US.

Google was informed about the issue and it might have taken necessary action to spoil the efforts of cybercriminals because security company recorded no malicious redirects from the Bulgarian reseller after 7 hours of spotting the campaign.

Malvertising has been a growing problem since many years and in spite of vast advertising networks claiming to have sophisticated defenses in place, attackers still have not able to find methods of avoiding these malware.

These attacks are particularly dangerous because users get infected even without visiting obscure websites. Once attackers manage to push malicious ads into a vast advertising network, these ads get displayed on well-known and trusted websites.

US Senate investigated malvertising during 2014 and concluded that "the industry of online advertising has grown so much in complexity that each party may refuse to accept the responsibility of the delivery of the malware into the user's computer through an advertisement."

ยป SPAMfighter News - 4/16/2015

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page