Security incidents seldom are unrelated. Connecting those dots can help us better understand the underlying architecture and groups involved in cyber-crime.
Since early July, we have been tracking a malware campaign that leverages legitimate websites, DNS records and exploit kit operators.
This mechanism in itself is not something new since the majority of drive-by downloads are the result of malicious redirections from legitimate sites and rotating URLs used as the doorway to exploit kit landing pages.
But this particular instance is unique in how it cleverly uses the same Flash-based redirection script which also allows us to tie similar website compromises together.
Overview
Full Article