Saturday, 18 April 2015

Weather Infected Ads Distributed By Google DoubleClick

Attackers twice in a short time managed to spread infectious ads through Google's DoubleClick. The attack, which has now become known was conducted through a company called Merchenta, which offers an advertising platform and direct ties with Google DoubleClick. Through this platform, the company would be US only deliver 28 billion monthly ad impressions.

The attackers did in this case as an advertiser and infiltrated the platform through a third party, says anti-virus company Malwarebytes. In addition, they managed to get the infected ad on the advertising platform Merchenta, after which it was transferred to the channels of DoubleClick. Contaminated ad within minutes would have had a 95% coverage in the US, Europe and Britain, which ran a large number of people risk, says Malwarebytes.

The virus fighter notes that DoubleClick is not directly responsible for loading the infected ad, but it starts with the chain of trust with the publisher, which has little control over the transactions that take place. The ad in question was using a well-known and already patched vulnerability in Adobe Flash Player to infect computers with malware. At the time of the attack, the exploit that abuse of the leak was detected by any of the virus scanner.

It was the same exploit that was recently used in another attack campaign, which contaminated ads include on the website of the Huffington Post published. The account of the attackers was lifted according Merchenta on 10 April. Two days earlier warned the Delft security firm Fox-IT for another attack that took place around the same time via DoubleClick. However, it has been used a different exploitkit for infecting unpatched Internet users.

No comments:

Post a Comment