Cisco, GoDaddy Abort Massive Malvertising Attack

An unusually extensive malvertising attack targeted several million Web surfers in Europe, the United States, the Middle East and Asia Pacific, infecting people with ransomware before Cisco's Talos research division acted to shut down the campaign in August 2016.

The campaign used malicious ads to channel a particular subset of end users through an intermediary gate, that is, a server that sent those users on to a landing page hosting the Neutrino Exploit Kit (EK). The redirection required no action from the end users: victims did not need to click on the advertisement.

Cisco's researchers, in collaboration with GoDaddy, were able to stop this campaign. Unsurprisingly, the EK-hosting server was based in Russia. Web surfers trying to reach clean, untainted sites were diverted to this server. Quietly and in the background, Neutrino would look for security flaws on the affected PC and exploit them to plant various kinds of ransomware. Newsbtc.com posted this on the Internet on September 3, 2016.

A cyber-crime crew called ShadowGate compromises Web surfers in this type of malvertising campaign and diverts them from their routine browsing. The crew is so named because it carries out its operations with the aid of domain shadowing.

Security researchers at Cisco state that they have traced a number of campaigns ShadowGate ran by releasing advertisements through the advertising platforms Revive and OpenX. ShadowGate would purchase advertisements on Revive and OpenX, whose servers allowed the crew to incorporate JavaScript code into its ads.

By analyzing the SSL traffic, Talos figured out that those behind the campaign surreptitiously slipped malware-tainted ads onto clean, genuine websites by hijacking advertisement streams with harmful iframes that diverted visitors to the gates described above. In fact, Talos researchers came across web pages on which each advertisement contained an iframe that triggered several redirection attempts at the same time.
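As an added illustration of how a publisher could check for the iframe pattern Talos describes (this is not code from Cisco, Talos or the original article), the sketch below parses ad markup and reports every iframe whose host is not on an allowlist, along with the total iframe count per ad. The allowlist host, the function names and the sample markup are all assumptions constructed for the example.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: hosts the publisher expects its ad server to load frames from.
ALLOWED_FRAME_HOSTS = {"ads.publisher.example"}


class IframeAudit(HTMLParser):
    """Collect the src of every iframe found in a piece of ad markup."""

    def __init__(self):
        super().__init__()
        self.frames = []

    def handle_starttag(self, tag, attrs):
        if tag == "iframe":
            self.frames.append(dict(attrs).get("src") or "")


def frame_host(src):
    # Scheme-relative URLs (//host/path) are common in ad markup.
    # Relative or missing src values yield "" and are therefore flagged.
    return (urlsplit(src).hostname or "").lower()


def audit_ad(markup, allowed=ALLOWED_FRAME_HOSTS):
    """Return (off_allowlist_frame_srcs, total_iframe_count) for one ad."""
    parser = IframeAudit()
    parser.feed(markup)
    parser.close()
    flagged = [s for s in parser.frames if frame_host(s) not in allowed]
    return flagged, len(parser.frames)


# Constructed sample creatives (not taken from the campaign).
CLEAN_AD = (
    '<a href="https://shop.example/">'
    '<img src="https://ads.publisher.example/b.png"></a>'
)
SUSPECT_AD = (
    '<img src="https://ads.publisher.example/b.png">'
    '<iframe src="//gate.sub.shadowed.example/x" width="1" height="1"></iframe>'
    '<iframe src="https://ads.publisher.example/frame.html"></iframe>'
)

if __name__ == "__main__":
    for name, ad in (("clean", CLEAN_AD), ("suspect", SUSPECT_AD)):
        flagged, total = audit_ad(ad)
        print(name, "iframes:", total, "off-allowlist:", flagged)
```

A static check like this only sees iframes present in the delivered markup; frames injected later by JavaScript in the ad need a rendered-DOM or network-level check.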

It is believed that as online advertising grows in popularity, cyber criminals will exploit it for an increasing number of malvertising campaigns, which they find a great method for inflicting extensive damage on people's PCs.

» SPAMfighter News - 9/9/2016