Signed CryptoWall Delivered via Malvertising Campaign on Top-Ranked Websites

  • 30 September 2014
  • 1 reply
  • 2 views

Userlevel 7
Badge +54
Initially, antivirus engines failed to detect the threat
By Ionut Ilascu on September 29th, 2014 23:53 GMT Five prominent websites have been found to redirect visitors to malicious locations through the advertisements they displayed, delivering a variant of the CryptoWall ransomware on the victims’ computers.
One of the interesting aspects is that the variant of the malware discovered by security researchers is apparently signed a few hours before the campaign was launched, with a valid digital certificate from DigiCert, which makes it more difficult to detect on the affected system.

The malicious advertisements have been inserted via the Zedo ad network on the following websites: hindustantimes[.]com, bollywoodhungama[.]com, one[.]co[.]il, codingforums[.]com, and mawdoo3[.]com. Full Article

1 reply

Userlevel 7
That is why we have Webroot to protect us. Antivirus engines can't keep up with these malicious malware.

Reply