Alexa 500 Sites Targeted with Adaptive Malware

silversurfer

Aug 17, 2014
A malicious campaign has been targeting premium publishers using malvertising that looks like legitimate ads for popular retailers, according to The Media Trust.

Researchers today published a blog post explaining that a large-scale malicious campaign attempted to exploit 44 adtech vendors with the ultimate goal of attacking the millions of customers who visit 49 of the Alexa 500 premium publisher sites.

Nearly 80% of the devices targeted were running iOS. Of the more than 600,000 attacks that were detected and analyzed, researchers discovered that unsuspecting visitors didn’t even need to click on any of the ads. By visiting the sites, they were redirected to malicious content prompting them to enter their login credentials. This campaign is reportedly unique because of the malware’s adaptability.

“The group behind the attack had designed an adaptive campaign so that as soon as one malware and supply chain route was identified and terminated, another attack would immediately ensue using different malware and alternative supply chain routes,” researchers wrote.

“Each time attacks were identified and foiled, new ones would launch using other ad formats, fire up new supply chain routes, and employ unique code obfuscation techniques.”

Researchers also said, “combining resources that fed into the entire solution was key,” and they suspect that victims who visited less monitored sites likely had some of their credentials compromised.
 
