How malicious ads use the internet to spread cryptowall blackmail software

Source: Internet
Author: User
Keywords Network security
Tags advertising cyber criminals high high profile internet internet + network network security
Blue Coat has discovered a malicious ad attack that uses large legal advertising networks such as ads.yahoo.com to carry out cryptowall extortion activities. In the malicious advertisement attack, the cyber criminals obtain the legal status for their advertisement server in the advertisement network, then spreads the malicious advertisement to the high profile website. These ads appear legitimate, but provide unsuspecting users with malicious software or other harmful software. Chris Larsen, architect of the Blue coat system webpulse Threat research team, said: "As cyber criminals succeed in getting 21163.html", the trust of major advertising networks (such as ads.yahoo.com), those seemingly small malicious ads can quickly attack and become more pronounced. Ad servers are interconnected and potential attackers are easily trusted, which brings more malicious advertising to the porous security model, exposing users to various extortion software and other malware that steal personal, financial, and credential information. "It is understood that during this time, security researchers at Blue coat tracked malicious traffic associated with cryptowall extortion activities. CryptoWall is a Trojan horse that encrypts various types of files and blackmail users who want to safely retrieve those files. As the team investigates the origins of traffic flowing to malicious sites, they have discovered a series of sites in countries such as India, Burma, Indonesia and France. In addition to websites in different countries and languages, the team also found that adsmail.us is a malicious Web site to point to. When they found that the site sent traffic to another malicious network, but did not send traffic to any legitimate web site, the Blue coat security researcher marked the site as a malicious advertisement. Adsmail.us also gets traffic through at least two other suspicious ad servers (instadserver.com and australianadserver.com). It also obtains traffic through ads.yahoo.com and other legitimate advertising networks. The potential impact of a wide range of major advertising servers to the traffic-oriented adsmail.us, the discovery of a small attack to escalate into a potentially more damaging attack. This also shows why malicious advertising has become a major threat to network threats. "Responsible editor: Wang Lin TEL: (010) 68476606" Original: How malicious ads use the internet to spread cryptowall blackmail software return to network security home
Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.