Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

Malicious Online Ads make Millions Vulnerable to Possible Hack


ESET, an antivirus provider, issued a report mentioning that malicious code existing in the advertisements have been found by the researchers, which are now appearing in many reputed news sites by rotation. Digitaltrends.com posted on December 6th, 2016, stating that from the very first day of October, million web surfers using Microsoft or Internet Explorer as browser are exposed to these types of malicious ads.

The report says that the ads encourage applications known as "Broxu" and "Browser Defense". What is frightening is the real graphic that are used in the ads consists malicious code buries inside the structures of their alpha channel, describing transparency of every pixel in the images. As explained, the alpha channel makes background colour of image transparent, enabling focused object to reside as overlay against the image or colour in the background.

This attack is planned for infecting victims with the malware, which can steal credentials of password via its keylogging along with snapshot grabbing features along with others. It is also very difficult to detect the attack. A post also states that hackers were basically poisoning pixels that are used in the tainted banner advertisements to infect their victims.

Hackers used the same so-called malvertising strategies for covertly serving the malicious coding above the genuine online ad networks. It is a method of attack which has been proved successful in distributing malware quickly to possibly millions.

ESET said that the Stegano attackers were also cautious to produce defenses to thwart detection. For example, banner ads will alternate between serving the clean version or the malicious version, depending on the settings of the computer of the victim. It also checks for any type of security features or the virtualization software on computer prior to continuing with attack.

In spite of attacking only IE users and unpatched Flash versions users, Stegano is significant for concealment of the exploit code in pixels of banner ads. There is no reason that campaigns in the future - or may be any ongoing campaigns not discovered yet - could not exploit the zero-day vulnerabilities which infected a bigger base of people. The scourge may continue till the time ad networks become much better to detect the malvertising campaign.

ยป SPAMfighter News - 12/14/2016

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next