Malicious advertising hits Amazon, YouTube and Yahoo

Discussion in 'malware problems & news' started by ronjor, Sep 9, 2014.

  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,791
    Location:
    Texas
  2. Gullible Jones

    Gullible Jones Registered Member

    Joined:
    May 16, 2013
    Posts:
    1,461
    Noscript or RequestPolicy should block this.
     
  3. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    1,957
    Location:
    DC Metro Area
    Thanks for bringing this to our attention ronjor.

    I have read the article but I am still somewhat confused by one point about which the article appears to make contradictory statements (have not had first cup of coffee yet which may account for my confusion).

    To be redirected must an ad be "clicked-on" first? At one point the articles the author states it's not a drive-by, but the gist of the remainder of the article leads me to be of the view that it is. Is the misdirect to a phony ad site or to a misrepresentation of an Amazon/YouTube/Yahoo page?
     
  4. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    Normally to display a page your browser will connect to the different sites to download the data including the bad ones (e.g. picture of the mal-advertising and embedded data). So, you do not necessarily need to click on the bad advertising, your browser will be automatically redirected to the bad link. Then depending on how secured (and patched) your system is the malware may need or not your approval to be downloaded and/or to be executed.
     
  5. Countryboy15

    Countryboy15 Registered Member

    Joined:
    Sep 7, 2014
    Posts:
    82
    Would a good ad blocking extension remove or lower the chances of getting bit? I'm using Chrome here with a little bit of Explorer at times, so NoScript is a no go for me. I don't much care for that kind of extension to begin with.
     
  6. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    yes, that will help...
     
  7. Countryboy15

    Countryboy15 Registered Member

    Joined:
    Sep 7, 2014
    Posts:
    82
    Well, I did figure that blocking ads would help block these bad ads, I just was not sure if that was all I needed to do. These criminals are just getting too darn clever and sneaky.
     
  8. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    Yes as well as the OS and typical exploitable components (flash, java, etc.) fully up to date. Then just "cancel" anything that will want to save or run. This will avoid most problems unless you are specifically targeted :)
     
  9. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    1,957
    Location:
    DC Metro Area
    I have read what apparently seem to be contradictory stories about the " drive-by" aspect, if any, of these attacks:


    "A Borg blogger, Armin Pelkmann, with fellow-authors Shaun Hurley and David McDaniel, writes that what the company calls the “Kyle and Stan” malware campaign began in May, and uses redirects to try and trick users into downloading a new media player that ships malware in its payload.....

    The aim is to get punters to download and install a file that's a “bundle of legitimate software, like a media-player”, with a “unique-to-every-user configuration” that gets compiled into the downloaded file.

    There's no “drive-by” component to the attack, however: so far, the post notes, the attackers are relying on social engineering to trick users into the install."

    Full Story:

    http://www.theregister.co.uk/2014/09/10/big_names_caught_in_kyle_and_stan_malicious_ad_attack/

    "“If an attacker can get one of those major advertisement networks to display an advertisement with a malicious payload just for a few minutes without being detected, then countless machines can be infected by such an attack,” he said."

    Fullstory: http://www.itpro.co.uk/security/23082/kyle-stan-attack-amazon-youtube-yahoo-with-malicious-ads
     
  10. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,081
  11. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    From YouTube Ads Lead To Exploit Kits, Hit US Victims:
     
Loading...