Operation Fingerprint: A Look Into Several Angler Exploit Kit Malvertising Campaigns

  • 1 March 2016
  • 1 reply
  • 81 views

Userlevel 7
Badge +54
March 1, 2016 | BY Jérôme Segura
 
                                              


 
Malicious advertising, also known as malvertising, has become the best method to distribute malware on a global scale with surgical precision. Simply put, malvertising is a means to expose innocent users visiting legitimate websites to malware via a rogue advert.
 
Leveraging the extensive user profiling available to advertisers, cybercriminals are able to target their victims like never before in attacks that are both cost effective and difficult to pinpoint.
 
Full Article

1 reply

Userlevel 7
By Sead Fadilpaši?
 


 
Cyber-criminals are now using fingerprinting techniques in their malvertising campaigns, researchers from security firms Malwarebytes and GeoEdge have reported.
Fingerprinting is an evasion technique in which crooks, through snippets of code, check if the targeted machine is a honeypot set up by malware researchers or an actual machine belonging to a potential victim.
 "For many years, threat actors have leveraged the ad industry to deliver malicious payloads in very efficient ways. However, most malvertising attacks usually tend to be discovered early on and thwarted, therefore increasing the amount of work required to set up new ones constantly", said Jérôme Segura, senior security researcher at Malwarebytes.
So far, this technique was only spotted at the exploit kit level, mostly with Angler, but has now moved "up the chain", as the researchers say, reaching the malvertising phase, thanks to online ads.
 
full article here:

Reply