Malvertising campaigns intensified last week

May 10, 2016 11:17 GMT  ·  By

Malvertising campaigns affected quite a few large sites in the past, and a new set of malicious ads made their way onto Blogger, the PerezHilton gossip site, and on the network of CBS affiliate TV stations.

All attacks took place late last week and over the weekend, and affected different advertising networks, meaning it was not part of a well-coordinated distribution plan.

Malvertising makes its way into Blogger sites

The biggest site hit was Google's Blogger (Blogspot) platform, where US security firm Malwarebytes detected a series of ads delivered through the PLYmedia platform.

The malicious ads observed by Malwarebytes were redirecting users to two destinations. First, they were redirecting users to other pages hosting the Angler exploit kit, but other users were also redirected to adult websites as part of user sign-up affiliate programs.

Security information portal VirusBulletin also reported about malvertising on the same Blogger platform that was redirecting users to websites hosting tech support scams. Here, crooks were trying to fool users into calling fake support centers and paying for various services and applications they did not need.

Other sites were also affected

To the end of last week, the same Malwarebytes also reported on a similar malvertising campaign that touched the news portals of CBS-affiliated TV stations.

Malwarebytes reported about seeing malvertising on the website of a TV station in Saint Louis called KMOV, and the other WBTV, located in Charlotte, North Carolina.

In this campaign, crooks were redirecting users to the Angler exploit kit, which infected users with vulnerable computers with the Bedep malware, which in turn downloaded the CryptXXX ransomware. We recently wrote an article about how CryptXXX received an update to version 2.0, making the ransomware even more dangerous now.

In another case reported separately by Cyphort, on April 30, 2016, the company reported a similar malvertising campaign affecting the gossip site of Perez Hilton, one of Hollywood's most salacious reporters. The same with the other campaigns, crooks were also using the Angler exploit kit.

One of the malicious ads seen on Blogger sites
One of the malicious ads seen on Blogger sites

Photo Gallery (2 Images)

Malvertising hits big name websites
One of the malicious ads seen on Blogger sites
Open gallery