Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Massive Malvertising campaign Intercepted that Resort to Dubious Casino Websites

Malwarebytes the security company has just detected one massive malvertising campaign which's diverting end-users in an automatic manner onto casino websites which act as traps for carrying out drive-by downloads serving AEK (Angler Exploit Kits), published SCMagazine.com in news on November 17, 2015.

According to Senior Security Researcher Jerome Segura of Malwarebytes Labs, the campaign involved exhibiting one malicious ad on the user's website that he may be seeing into his browser. Now the user would get diverted onto one casino website that would deceptively plant malware onto his system. SCMagazine.com reported this dated November 17, 2015.

It is believed that the campaign was executed October 21, 2015 as the attack victimized people accessing "sketchy websites" which presented material from copyrighted movies' torrents, pirated software to movies in live stream, as per one blog post dated November 17, 2015.

It's not clear what number of people got affected because of the attack toolkits; however, it has been observed that a total of 3 casino websites which worked like a medium to spread the Angler EK received in all over 1m visits whereas the advertising network received over 2bn visits during October last, states the post.

And according to Segura, a great possibility is that numerous people contracted malicious software due to this campaign. Infosecurity-magazine.com reported this in news on November 17, 2015.

Moreover, since the campaign targeted shady publishers who would likely dismiss 'advertising issues' while people visiting the websites knew they were using unlawful material, nobody had a reason for reporting the event. Nearly all the advertising networks attained registration through 'Domains By Proxy LLC, implying there wasn't any information obtainable regarding the registrant.

Indeed, says Segura, the malvertising campaigns separately considered as such don't show a distinction; however, their interconnection shows us the larger scenario of how massive the operation is.

Nevertheless, the attacks have been all carried out via GoDaddy, as also on the original ASN: AS15169; thus making Malwarebytes believe there was an interconnection among them. Analyzing ten ad domains, the ad network AdCash happened to be one impacted while this is the outlet through which Malwarebytes managed identifying the campaign.

» SPAMfighter News - 11/24/2015

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page