- Mar 15, 2011
- 13,070
In the past few days, our scanners noticed malvertising on Google DoubleClick. The malvertisement is being provided to DoubleClick by Adify (Now a part of Cox Digital Solutions), and to Adify by Pulpo Media, and to Pulpo Media by the malicious attackers pretending to be advertisers: indistic.com. The malvertisement causes visitor browsers to load exploits from kokojamba.cz.cc (the exploit domain), which is running the BlackHole exploit pack. Currently, 7 out of 44 vendors on VirusTotal can detect this malware.
This is our report. We plan to put up the video later--we still need to narrate it, which will take some time. As DoubleClick is a very large AD network, we decided to put up the post quickly.
Read More