Google ads with malware! Yes you read that right. Yesterday evening, researchers Malwarebytes noticed a strange behavior on sites like Last.fm, The Times of Israel and the newspaper Jerusalem Post. The ads served these websites were unusually aggressive, causing warnings from anti-virus systems and Malwarebytes.
After much research, the security researcher Jerome Segura realized that the problem stems from the ad networks of Google, DoubleClick and popular Zedo. Both networks promoted malicious ads that are designed to distribute Zemot malware. A Google spokesman confirmed the problem, saying: "Our team is aware of the problem and has taken the necessary to eliminate it."
The Malware served by ad networks (or «malvertising») is nothing new, but this incident is noteworthy because of the unusually wide range of attack.
"He was active, but not visible for several weeks until we started to see popular sites to" fly »flags on our honeypots," says Segura.
"Then we thought, that something is happening." Early indications came in late August, and today millions of computers likely to have been exposed to Zemot, and people with antivirus is not updated at risk. "
The Zemot focuses on computers with Windows XP, although it can also infect and modern operating systems that run on x86 and 64bit. The Zemot designed to bypass the security of a system before infecting with additional malware.
"Even though there were only 5% of vulnerable systems," says Segura «expect a very large number of infections."
0 comments:
Post a Comment
We are eager to see your comment. All comments will moderate by the hand of man, and all links are nofollow.