Attackers Clandestinely Distribute Malware by Using Ad Networks

According to Trend Micro, cyber-criminals in a new assault against corporate users are utilizing FlashPack an attack toolkit as the latter download applications that online advertisements support. In a most deceptive way, these adverts clandestinely contaminate victims with various malicious programs as also ransomware even if the victims don't visit insecure sites or follow malicious web-links.

Trend Micro observes the assaults are getting waged via three particular harmful Web-domains, with most victims till now belonging to United States.

However, for installing a malware called DOFOIL that as per Trend Micro, can be seen presently kicking off across cyber space, the assaults have been also victimizing end-users based in EMEA region and United Kingdom accounting for more than 17% of the hitherto identified victims.

The malicious program DOFOIL can link up with command and control URLs, spot sandboxes and install files, describes Trend Micro.

Meanwhile, when the malware strains namely Dofoil or the CryptoWall ransomware are distributed through malicious ads, it entails severe danger in case the attack method is combined with freely-available software which exhibit adverts. As a result, there can be system infection along with potential data and/or information theft. Therefore, Web-surfers require being careful about software they download. Likewise, corporate employees require being made aware of the software type they can download onto their workstations. Where feasible, IT policies can be formulated for e.g., Acceptable Usage Policies which the InfoSec department of the enterprises can draft, explains Trend Micro. Blog.trendmicro.com published this dated November 18, 2014.

Besides, it is also necessary to make sure that both individual and corporate users note the type of intermediate software programs like Java and Flash that their Web-browsers may download. Wherever feasible, security software that sieves Web-content should be deployed so ad-related or malware-related websites can be blocked.

A similar attack impacting many renowned websites, among which Match.com and Yahoo are included, was examined during October 2014 at Security Company Proof Point.

Eventually, according to a report that experts from UCSB (University of California, Santa Barbara), University College London and Ruhr-University Bochum recently published, one percent of Internet-based advertisements have malicious intent.

» SPAMfighter News - 11/26/2014