Malvertisers Seek to Plant Malware on Brian Krebs’ Web-Portal

Brian Krebs, well-known security researcher recently asserted that one malvertising assault had exploited KrebsOnSecurity.com his chief website lately. Infosecurity-magazine.com published this dated November 30, 2011.

Krebs said that one distinct underground hacker website lately tried to install malicious software onto KrebsOnSecurity.com after making a payment for the execution of corrupt ads via Federated Media, the website's ad-chain.

However, the assault failed to succeed because of various defenses, yet it outlines a number of challenges confronting organizations that attempt at fighting the ever increasing number of malvertisings.

Krebs, within his most recent blog post, sarcastically writes that during the week of November 21, 2011, he put down the various honors cyber-criminals showered on his blog KrebsOnSecurity.com as well as its author during the recent years. He especially recalls one recent event wherein hackers, part of Darkode.com an English-language criminal website, on 27th May, 2011, attempted at surreptitiously loading one malicious advertisement onto KrebsOnSecurity.com.

The advertisement apparently looked like it promoted anti-virus from BitDefender; however, in reality installed one malevolent domain namely sophakevans.co.cc, which served scareware.

Krebs further wrote that the crooks settled for a payment of a minimum of $272 for a maximum of 10,000 versions of the advertisement designed for being executed on his website. Luckily, he was equipped with examining ads, which came via the Federated Media. Moreover, Federated Media stopped the advertisement even prior to it being assigned for endorsement, he added. KrebsOnSecurity.com published this dated November 29, 2011.

Meanwhile, Krebs states, it was during 2008 that the Dakode website was introduced to chiefly serve like one support site in the case of the "Butterfly Bot," as per existing and former members. The Butterfly Bot is one copious bot-malware, which its creator, "Iserdo" a hacker sold over long on the underground world. At certain instance, according to Iserdo, he traded the support site for the benefit of other criminals, while started providing support for hirers of the Butterfly Bot through "Bf-Support" a Google Team.

Conclusively, preventing advertisements in bulk can help to successfully block mal-vertisements; however, this method can adversely cause the blockage of an important source of earnings that several websites seek.

Related article: Malvertising Attack Targets TweetMeme

» SPAMfighter News - 12/8/2011