Pages

Saturday, 15 August 2015

Infected Ads Hide Behind SSL



The criminals who first infected ads on the websites of Yahoo demonstrated have now found a new ad network and use SSL to complicate the detection of malicious traffic. That leaves anti-virus company Malwarebytes know. The ad network in question is AdSpirit.de whose ads drudgereport.com and wunderground.com shown.

These websites get together more than 110 million visitors per month. The infected ads contain a redirect via SSL to an Azure-site, making it difficult to detect the malicious traffic at the network layer, reports analyst Jerome Segura. The ads users a website with the Angler-exploitkit charge. This exploitkit uses known vulnerabilities include Adobe Flash Player that users are not patched. What malware is installed on a successful attack Segura do not know.

No comments:

Post a Comment