Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Sunday, 1 October, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

AOL cleans up malvertising problem

by The Gurus
January 7, 2015
in Editor's News
Share on FacebookShare on Twitter

AOL has claimed that it has been able to stop malicious advertisements being served by its advertising platforms.
 
After malicious ads redirected users to malware-ridden websites, an AOL.com spokesman told PC Advisor that it has taken the necessary steps to fix the problem. “AOL is committed to bringing new levels of transparency to the advertising process, ensuring ads uphold quality standards and create positive consumer experiences,” said spokesperson said.
 
The malicious ads shown by AOL redirected users to a web page that hosted an exploit kit, according to Cyphort. It found that the exploit kit served up an exploit for Adobe Systems’ Flash program.
 
Before landing on the attack site, users were passed through a number of other websites, some of which used HTTPS in order to hide the servers used for the attack. Cyphort wrote that one of the HTTPS redirectors that was used was hosted on a Google App Engine page, which made analysis of the redirect harder.
 
Cyphort’s Nick Bilogorskiy said that he suspects the exploit kit used was NeutrinoEK, but said he also saw similarity between thise and the Sweet Orange kit.
 
“The purpose of this attack is to install a malicious binary – a new variant of a Trojan, from the Kovter family,” he said.
 
“The malware was downloaded from indus.qgettingrinchwithebooks.babia-gora.pl:8080, it was an unencrypted binary. After execution it connects to a16-kite.pw for [command and control]. It executes through injecting its payload to a spawned svchost.exe process.”

FacebookTweetLinkedIn
Tags: ExploitMalvertising
ShareTweet
Previous Post

Gogo defends use of fake Google certificates

Next Post

Chick-A-Fil A investigates payment security compromise

Recent News

Guide to ransomware and how to detect it

Guide to ransomware and how to detect it

September 28, 2023
software security

Research reveals 80% of applications developed in EMEA contain security flaws

September 27, 2023
Cyber insurance

Half of organisations with cyber insurance implemented additional security measures to qualify for the policy or reduce its cost

September 27, 2023
Fraud and online banking

Akamai Research Finds the Number of Cyberattacks on European Financial Services More Than Doubled in 2023

September 27, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information