Malicious ads on YouTube: ransomware

Researchers at Trend Micro have shed light on a recent campaign in which poisoned YouTube ads led visitors to the Sweet Orange exploit kit.

In the campaign, users running vulnerable versions of Internet Explorer were targeted, Joseph Chen, a fraud researcher at the firm, said in a Tuesday blog post. Chen explained the redirection method used by attackers, as YouTube visitors weren’t sent directly to malicious sites.

“Instead, the traffic passes through two advertising sites, suggesting that cybercriminals behind this campaign bought their traffic from legitimate ad providers,” Chen wrote. “In order to make their activity look legitimate, the attackers used the modified DNS information of a Polish government site.” Instead of compromising the site, miscreants altered DNS information by “adding subdomains that lead to their own servers,” he added.

Ultimately, the attacks led to malware, called “Kovter,” which is used to carry out ransomware scams.

Source: http://www.scmdagazine.com/internet-explorer-users-at-risk-in-malicious-ad-campaign/article/377496/
