Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

Alert

Malvertising Campaign on Yahoo, AOL, Triggers CryptoWall

Oct 24, 2014 1:30AM PDT
.. Infections

Attackers have been leveraging the FlashPack Exploit Kit to peddle the CryptoWall 2.0 ransomware on unsuspecting visitors to sites such as Yahoo, The Atlantic and AOL. Researchers believe that for about a month the malvertising campaign hit up to 3 million visitors and netted the attackers $25,000 daily.

According to experts at Proofpoint, a firm that primarily specializes in email security, the exploit kit targeted a vulnerability in Adobe Flash via users' browsers to install the ransomware on users' machines.

Malvertising is an attack that happens when attackers embed malicious code - in this case code that led to the latest iteration of CryptoWall - into otherwise legitimate ads to spread malware via drive-by downloads. Users can often be infected without even clicking on anything.

Continued : http://threatpost.com/malvertising-campaign-on-yahoo-aol-triggers-cryptowall-infections/108987

Related:
Widespread malvertising campaign targets high-profile sites, delivers ransomware
Ad-borne Cryptowall ransomware is set to claim FRESH VICTIMS

Find list of sites impacted @ Proofpoint : Malware in Ad Networks Infects Visitors and Jeopardizes Brands

Discussion is locked