9/2/2016
09:45 AM
50%
50%

Cisco's Talos Group Shuts Down Malvertising Campaign

Global online campaign exploits ads with Neutrino Exploit Kit to transfer ransomware to victims' computers, reports Threatpost.

Cisco System’s threat research group has detected and deactivated a global malvertising campaign which exposed visitors on legitimate sites to the malicious code Neutrino Exploit Kit, says Threatpost. Talos Security Intelligence and Research Group took two weeks beginning on August to work with GoDaddy and shut down the malicious server in Russia, which hosted the exploit kit.

According to Talos, criminals used “gates” to display ads stolen from other websites and redirected visitors to the exploit kit. Cisco researcher Nick Biasini said that in those two weeks about 1,000 of one million visitors may have been exposed to Neutrino EK, which then tried to transfer the CrypMIC ransomware to their computers.

Biasini emphasized the seriousness of malvertising campaigns noting that as more content continues to move online the primary revenue source for web sites is online ads. "Cybercriminals know this and are increasingly turning away from other more typical ways of pointing traffic to exploit kits and are now looking to malvertising,” he said.

For details of how the EK worked, click here.  

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Email This  | 
Print  | 
RSS
More Insights
Copyright © 2019 UBM Electronics, A UBM company, All rights reserved. Privacy Policy | Terms of Service