Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Malvertising Attack Contaminated Innumerable Users Daily Spanning Many Months

Proofpoint the security vendor has terminated a massive malvertising campaign which remained undetected because of the sophisticated techniques it used. The methodologies helped infecting millions of PCs with exploits and this went on for months. The campaign, which has been named AdGholas, started no later than October 2015 and still running.

Security researchers state that the attackers were able to serve malicious ads via over a hundred ad exchanges drawing 1m-5m page hits daily. The security researchers also state that they first detected the scam at the time they were examining 2 more large-scale malvertising operations dubbed VirtualDonna and GooNky.

On investigating further, the AdGholas campaign was found employing novel and advanced techniques for bypassing detection. The exploit used in the malvertising attack carried out many complex checks for making sure that the targeted PCs weren't virtual machines (VM)) that security experts utilized alternatively the said advertising networks themselves utilized for finding malicious software. Pcworld.com posted this July 28, 2016.

The attackers utilized a total of 22 ad-networks for exhibiting their ads onto numerous legitimate websites. They sought computers which had ATI or Nvidia drivers loaded along with OEM logos, which indicated that the PCs were running one largely tailored OEM edition of Windows.

Moreover, the current malvertising attack had an unprecedented utilization of steganography for spreading malware implanted on harmful banner ads. And because these sophisticated techniques used for filtering the visits to the malicious ad-embedded websites were employed, the attack flew under the radar for nearly one year.

In June 2016, the security vendor informed all of the 22 advertising sites, while it proceeded with terminating the entire lot of malevolent ads in the attack that infected the websites' networks. The attackers exhibited their advertisements on 113 sites, including The Verge, Le Figaro and The New York Times like top websites.

Proofpoint notes that even with the latest alterations within the attack toolkits that indicate that drive-by malware has diminished, AdGholas suggests that there's no contraction of the malvertising campaign. Rather cyber-crooks keep on evolving with their more-and-more advanced methods allowing them for continuously being treacherous and efficacious despite the up-to-date defensive solutions.

» SPAMfighter News - 8/3/2016

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page