Jump to content

Recommended Posts

  • ExTS Admin
Posted

The Media Trust, an online security vendor, has detected a malvertising campaign that specifically targeted ads presented with online video as a channel of distribution.

 

While malvertising campaigns using video ads have surfaced in the past, the recent attack detected by The Media Trust affected over 3,000 websites, many of which were part of Alexa's Top 100.

Fortunately, the campaign only lasted for 12 hours, late on Thursday, October 29, and was thwarted by the company's quick response.

 

The attack followed the regular infection pattern used by normal malvertising techniques, but with a few modifications to work with video delivery platforms.

 

According to The Trust Media team, a malicious SWF file was downloaded on the victim's computers when accessing a video page.

The malicious file was hosted on the brtmedia.net domain and was imitating a video player.

 

This SWF file executes its malicious load only on lesser known sites, avoiding large video platforms, where security teams continually search their sites looking for problematic ads.

 

The actual attack happens when the SWF file injects JavaScript code in the page where the video ad is supposed to display, simulating a winning ad bid, but actually loading a 1px by 1px hidden iframe.

 

This iframe loads a popup window that scans the user's computer settings and prompts him with a message to update some of his local software.

 

If the user is careless to click on the popup, he will download malicious software packed with PUPs and other malware.

 

http://img.photobucket.com/albums/v708/starbuck50/malvertising-has-now-spread-to-video-ads-496161-2_zpsvibxs6ch.jpg

 

 

 

Source:

http://news.softpedia.com/news/malvertising-has-now-spread-to-video-ads-496161.shtml

Member of:

UNITE

  • Replies 0
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...