Security bods have closed off a malvertising campaign targeting an ad network spread through an ad network that targeted smut site P0rnHub.
The attacks exposed “millions of potential victims in the US, Canada, the UK, and Australia”, said the Proofpoint researchers who discovered the attack.
Proofpoint said the campaign was waged by the KovCoreG group (distributor of the Kovter malware) for more than a year.
Kovter isn’t new: it turned up in poisoned ad campaigns in 2015, and again earlier in 2017.
In the most recent campaign, Proofpoint said the campaign hooked users through fake Chrome/Firefox/IE browser updates (and a fake Flash update for good measure), and the attack was active for more than a year until the ad network, Traffic Junky, and the smut site lowered the boom.
“The chain begins with a malicious redirect hosted on avertizingms[.]com, which inserts a call hosted behind KeyCDN, a major content delivery network”, Proofpoint writes.
As an example of the obfuscation the campaign used, Chrome users were hit with a JavaScript which beaconed back to the attackers’ server: this prevented analysts working through the infection chain if their IP hadn’t checked in.
“This makes it extremely unlikely that the JavaScript can be run alone and provide the payload in a sandbox environment. This is most likely why this component of the chain has not been documented previously.”
云计算,需要为客户提供网站访问情况的详细统计分析功能,服务商也需要从中分析用户行为,用以发现问题和改善服务质量,不过小心随着人们的隐私保护意识得以加强,会挑战相关的用户数据搜集和保存条款。
“It should be noted that both P0rnHub and Traffic Junky acted swiftly to remediate this threat upon notification”, Proofpoint noted in its post. ®
Bootnote: Using “Pr0rnHüb” instead of the site’s real name helps our news to pass content filters so you can enjoy this news at work.
Sponsored:
The Joy and Pain of Buying IT – Have Your Say
万通地产新老板又傍中植系 地产金融成最后希望
处于产业链低端的发展中国家推动信息安全也依赖先进的技术,发达国家对尖端产品设定了出口限制,所以自行研发和制造IT安全产品是必需的,搞开放式标准,建立政府和企业之间的联盟是必要的。

猜您喜欢

射洪县涪西镇开展农业生产安全文化宣传活动
安全管理者的利器——安全意识培训工具箱
Security-Frontline-安全前线
直击陕西最富裕的地级市 也是陕西最牛的城市!
KELBET SEMINOLECOMMUNITYCHURCH
企业安全意识之歌