Google, Microsoft Duped Into Serving Malware Ads

Google, Microsoft Duped Into Serving Malware AdsGoogle's advertising subsidiary DoubleClick and Microsoft’s MSN ads service both have admitted to falling for a clever scheme by some nasty black hat hackers. Malicious banner ads for both services were found to be trying to perform drive-by download exploitation and install malware on users' machines.

As with many great (or terrible) episodes of computer crime, a key component was clever social engineering. Hackers created a site called ADShufffle.com -- one letter away from ADShuffle.com, a major online advertising technology firm. Apparently that was enough to get the ads through screeners at Microsoft and Google.

Security firm Armorize appears to be the first to have noticed the attack. Wayne Huang chief technology officer of Armorize details the unusual incident in a blog, writing:

Users visit websites that incorporate banner ads from DoubleClick or rad.msn.com, the malicious javascript is served from ADShufffle.com (notice the three f's), starts a drive-by download process and if successful, HDD Plus and other malware are installed into the victim's machine, without having the need to trick the victim into doing anything or clicking on anything. Simply visiting the page infects the visitors.

Known sites affected: Sites that incorporate DoubleClick or rad.msn.com banners, including for example Scout.com (using DoubleClick), realestate.msn.com, msnbc.com (using both), and mail.live.com. We'd like to note here it's very possible that multiple exchanges, besides those listed here, have been serving the fake ADShufffle's ads.

For all its ingenuity, the attackers used pretty standard exploitation packages, including Neosploit and the Eleonore exploit kit. Both kits are popular among black hat hackers, but also among security experts who purchase them to battle-test the security of corporate systems.

The latest attack used Javascript exploits to begin a download procedure, which was triggered when users visited a page that was serving the compromised banner ads. The ad service would then request the code for the ad from the hackers' servers, initiating the attack.

A Google spokesperson assured that the ads were only up for a very brief time and have since been terminated. The company is now investigating the incident. Microsoft did not release a statement, but likely is taking similar measures.

The incident is not Google's first brush with malware advertising. Previously malicious hackers were found to be leveraging Google's AdWords service. In that case, as well, the key to the criminals' success was using legitimate-looking links.

Source: DailyTech

Tags: Google, Microsoft

Comments
Add comment

Your name:
Sign in with:
or
Your comment:


Enter code:

E-mail (not required)
E-mail will not be disclosed to the third party


Last news

 
The smartwatch is reportedly being released alongside the Galaxy Note9 with some new tech on board
 
Not to be confused with a flip phone which separates the display from the hinge
 
The PCI-SIG has announced that PCIe 4.0 specification is finished
 
The report even mentions that AMD developed the Navi GPU architecture specifically
 
Intel has alreadt started production of XMM 7560 modem chips
 
The Galaxy Note 9 was previously expected to ship with a 3,850mAh battery
 
New update claimed to reduce system stability issues by 20%
 
The new silicon could let Intel design 20-core and 22-core SKUs for the X299 Express chipset
The Samsung Galaxy A5 (2017) Review
The evolution of the successful smartphone, now with a waterproof body and USB Type-C
February 7, 2017 /
Samsung Galaxy TabPro S - a tablet with the Windows-keyboard
The first Windows-tablet with the 12-inch display Super AMOLED
June 7, 2016 /
Keyboards for iOS
Ten iOS keyboards review
July 18, 2015 /
Samsung E1200 Mobile Phone Review
A cheap phone with a good screen
March 8, 2015 / 4
Creative Sound Blaster Z sound card review
Good sound for those who are not satisfied with the onboard solution
September 25, 2014 / 2
Samsung Galaxy Gear: Smartwatch at High Price
The first smartwatch from Samsung - almost a smartphone with a small body
December 19, 2013 /
 
 

News Archive

 
 
SuMoTuWeThFrSa
     12
3456789
10111213141516
17181920212223
24252627282930




Poll

Do you use microSD card with your phone?
or leave your own version in comments (10)