Jump to content

Recommended Posts

Posted

8054bd35b92fb560d1e51f13d411690f.png

 

Security researchers from F-Secure have uncovered a brief malvertising campaign that has hit Skype users, in what seems to have been an accidental infection.

 

Malvertising is the operation of delivering advertising laced with malicious JavaScript code that hijacks the user's browsing experience and takes them to a rogue Web page, where attackers employ automated software called exploit kits to scan the system for vulnerabilities and abuse them to infect the user's PC with malware.

 

Theoretically, malvertising works in all mediums where ads can be shown.

In practice, malvertising is only effective in browsers, since exploit kits are often configured to exploit browser-specific issues.

 

In the most recent case of a malvertising campaign, researchers from F-Secure observed a spike in malicious ads delivered to Skype users.

 

While harmless when shown inside Skype, F-Secure researchers investigated this campaign further and discovered it was also delivering malverts (malicious ads) to browsers.

 

The malicious ads were being shown on sites like eBay.it and were leading users to the Angler exploit kit, which was delivering the TeslaCrypt crypto-ransomware.

 

Criminals used the AppNexus ad platform (adnxs.com) to display the malicious ads, but researchers said the campaign was short-lived probably because the criminals noticed their blunder and shut it down to reconfigure their attack.

 

This is not the first time when malicious ads were delivered to Skype, as something similar happened in 2014 and 2015.

 

ccf89fe5c7b0ea8b6fb13d854ea88360.png

Sample Skype malicious ads

 

Source:

http://news.softpedia.com/news/malvertising-makes-its-way-into-skype-500258.shtml

76c90dd0e79a714317a8daeecc1584d2.png

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...