Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Adf.ly Malvertizing Campaign Using HanJuan Exploit Kit, Observes Malwarebytes

According to Malwarebytes the security company, one fresh malvertizing assault, which targets Adf.ly the URL condensing and advertising service, is using the HanJuan attack toolkit to distribute one newly developed banking Trojan.

The threat worked since the attackers managed towards effectively issuing one malevolent ad to Adf.ly that subsequently got exhibited to Web-surfers clicking on Adf.ly web-links floating across the Web.

Senior Security Researcher Jerome Segura of Malwarebytes explains how Adf.ly commercializes the facility it provides by exhibiting advertisements at the time people follow the condensed web-link. Prior to getting diverted from the condensed web-link onto the real website, one advertisement comes up lasting just seconds. Immediately the malvertizing occurs, Segura says. SCMagazine.com reported this dated June 25, 2015.

Amazingly, just on exhibition of the malvertisement, one chain of diversions gets started even when there's no user interaction. The end-users eventually would land on certain hijacked Joomla site which reportedly thrusts the HanJuan attack toolkit.

According to Segura, the landing site serving the HanJuan carries software that installs attack codes exploiting CVE-2015-0359 a Flash vulnerability as well as CVE-2014-1776 an Internet Explorer flaw, based upon the visitor's profile. Softpedia.com reported this dated June 24, 2015.

And while being malicious software, the payload injects into the prominent Firefox or Chrome or IE web-browser as also maintains watch over Web operations and remains in wait till it gets the login pages of the required Internet forums, which users would actually access.

Meanwhile, Malwarebytes has named the malware 'Fobber,' however, Fox-IT a Dutch security firm recognizes it to be Tinba meaning Tiny Banker, the bank info-stealing Trojan in one fresh variant.

This Trojan, which filches precious user credentials, quite well resists elimination via getting its own updates as also of its command-and-control servers.

Malwarebytes states that although its researchers haven't seen Fobber filch any credentials related to banking websites, a possibility surely exists considering how update model of the malware provides flexibility. Theinquirer.net reported this dated June 25, 2015.

Additionally according to Malwarebytes, it recently made available to the Netherlands' agencies of law enforcement all information regarding the malvertizing scheme, HanJuan, and Fobber.

ยป SPAMfighter News - 7/3/2015

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page