Google's doubleclick ad servers and Zedo ad agency serve millions aggressive malware
Posted by: Jon Ben-Mayor on 09/19/2014 02:42 PM [ Comments ]
Malwarebytes researchers encountered some strange behavior popping up on sites such as Last.fm, The Times of Israel as well as The Jerusalem Post.
Researchers commented that the highly unusual ad activity on those sites was very aggressive, setting off anti-virus warnings and raising flags in a number of Malwarebytes systems.
After some digging, researcher Jerome Segura realized the problem was coming from Google's DoubleClick ad servers and the popular Zedo ad agency. Together, they were serving up malicious ads designed to spread the recently identified Zemot malware.
A Google representative has confirmed the breach, saying "our team is aware of this and has taken steps to shut this down."
The Verge further explains that Zemot is focused on computers running Windows XP, although it can also infect more modern operating systems running on x86 and 64 bit machines. Zemot is designed to bypass a system's security before infecting computers with additional malware, so it's difficult to exactly what effect the attack would have on a system once security had been breached.
Malwarebytes was surprised to see attacks on a large scale like this, and recommended keeping your systems up-to date, with current antivirus and anti-malware protection along with Malwarebytes Anti-Exploit to detect and block any of these types of attacks.
Researchers commented that the highly unusual ad activity on those sites was very aggressive, setting off anti-virus warnings and raising flags in a number of Malwarebytes systems.
A Google representative has confirmed the breach, saying "our team is aware of this and has taken steps to shut this down."
The Verge further explains that Zemot is focused on computers running Windows XP, although it can also infect more modern operating systems running on x86 and 64 bit machines. Zemot is designed to bypass a system's security before infecting computers with additional malware, so it's difficult to exactly what effect the attack would have on a system once security had been breached.
Malwarebytes was surprised to see attacks on a large scale like this, and recommended keeping your systems up-to date, with current antivirus and anti-malware protection along with Malwarebytes Anti-Exploit to detect and block any of these types of attacks.
Comments