Malicious ads on YouTube: ransomware

Cyber Security

Researchers at Trend Micro have shed light on a recent campaign in which poisoned YouTube ads led visitors to the Sweet Orange exploit kit.

In the campaign, users running vulnerable versions of Internet Explorer were targeted, Joseph Chen, a fraud researcher at the firm, said in a Tuesday blog post. Chen explained the redirection method used by attackers, as YouTube visitors weren’t sent directly to malicious sites.

“Instead, the traffic passes through two advertising sites, suggesting that cybercriminals behind this campaign bought their traffic from legitimate ad providers,” Chen wrote. “In order to make their activity look legitimate, the attackers used the modified DNS information of a Polish government site.” Instead of compromising the site, miscreants altered DNS information by “adding subdomains that lead to their own servers,” he added.

Ultimately, the attacks led to malware, called “Kovter,” which is used to carry out ransomware scams.
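
One way a defender could look for the DNS tampering Chen describes, where subdomains are added under a legitimate zone and pointed at attacker servers. This is an added example, not code from Trend Micro or the original post; the zone name, addresses, dates and the `find_shadowed` helper are constructed for illustration.

```python
import ipaddress
from datetime import date

# Constructed passive-DNS observations (not from the report):
# (hostname, A record, date the name was first seen resolving).
RECORDS = [
    ("www.agency.example", "192.0.2.10", date(2018, 3, 1)),
    ("mail.agency.example", "192.0.2.25", date(2018, 3, 1)),
    ("portal.agency.example", "192.0.2.40", date(2020, 6, 2)),
    ("cdn7.agency.example", "203.0.113.77", date(2020, 6, 6)),
    ("stat.agency.example", "203.0.113.78", date(2020, 6, 6)),
    ("www.other.example", "198.51.100.5", date(2020, 6, 6)),
]


def find_shadowed(records, zone, trusted_nets, as_of, max_age_days=30):
    """Return recently first-seen subdomains of `zone` that resolve
    outside the networks the zone owner is known to use."""
    nets = [ipaddress.ip_network(n) for n in trusted_nets]
    suffix = "." + zone.lower().rstrip(".")
    hits = []
    for name, ip, first_seen in records:
        host = name.lower().rstrip(".")
        if not host.endswith(suffix):
            continue  # different zone, not our concern
        addr = ipaddress.ip_address(ip)
        if any(addr in net for net in nets):
            continue  # hosted where the owner normally hosts
        age = (as_of - first_seen).days
        if 0 <= age <= max_age_days:
            hits.append((host, ip, age))  # new name, foreign hosting
    return sorted(hits)


if __name__ == "__main__":
    for host, ip, age in find_shadowed(
        RECORDS, "agency.example", ["192.0.2.0/24"], date(2020, 6, 14)
    ):
        print(f"review: {host} -> {ip} (first seen {age} days ago)")
```

The new `portal` name is not flagged because it resolves inside the owner's usual network; only new names hosted elsewhere are surfaced for review.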

