Malware spread via Google, Microsoft ad network..!!

priyanshuit's picture


A number of online ad networks - including the two largest, Google's DoubleClick and Microsoft's Media Network - have been found unknowingly spreading malware via compromised ads provided by a malicious "company" impersonating the legitimate ad serving and marketing firm AdShuffle.

A simple visit to various sites - among which are also the high-profile realestate.msn.com, msnbc.com, mail.live.com, and many others - triggered the malicious javascript served from ADShufffle.com (three f's) which started the drive-by download.

Taking advantage of a variety of IE, Adobe Reader, Java, and other PC software bugs, the attackers have manage to install backdoors that allow them to access the compromised computers and HDD Plus, a fake system optimization tool that makes it seem like the system is failing and asks the users to purchase a license in order to make things right:
It took a while for security firm Armorize to discover how the malware was spread, and as soon as they did, they informed the ad networks.

There is a variety of reasons why the scam wasn't detected sooner, but among them is the fact that the exploit themselves had been successfully obfuscated and that the detection rate by antivirus solution was exceptionally low.

The good news is that these bugs are known and have already been patched, so users who kept their software and antivirus solutions updated were not at risk.

Source: www.net-security.org

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
5 + 1 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.

About the Author

priyanshuit's picture

Name
priyanshu

Last Name
sahay

Gender
Male

Website / Blog
http://www.hackersonlineclub.com

About me
Myself PRIYANSHU. >> Certified Cyber Law Expert >> Certified Cyber Security Expert >> Certified Ethical Hacker >> Working on Cyber Security, Ethical Hacking, Investigation, VAPT, Web Designing. Catch Me On >> Facebook: http://www.facebook.com/priyanshu.it Twitter: http://twitter.com/priyanshu_itech Email: priyanshu@cyber-india.in

Location
Delhi

Recent comments