Pop-Under Ads Spreading CryptoWall Ransomware
Posted by: Timothy Weaver on 01/09/2016 11:49 AM [ Comments ]
Flash player takes another hit. This time it is facilitating CryptoWall malware.
Researchers at MalwareBytes discovered a malvertising campaign that relies on Flash to infect victims with the Magnitude exploit kit (EK), infecting victims using old versions of Flash Player with CryptoWall 4.0 ransomware.
The campaign, which mainly targets European users, launches the Magnitude EK through pop-under ads, ad windows that the researchers explained appear “behind the main browser window and typically remains open until the user manually closes it.” Once the victim is infected, they are asked to pay the ransom to recover their files.
The researchers noted that the ads in this campaign have largely been placed on adult sites and video streaming sites. They urged users to keep browsers and plugins current and suggested they “consider removing the Flash Player altogether since it has suffered a high number of zero-day exploits in recent history.”
Source: SCMagazine
The campaign, which mainly targets European users, launches the Magnitude EK through pop-under ads, ad windows that the researchers explained appear “behind the main browser window and typically remains open until the user manually closes it.” Once the victim is infected, they are asked to pay the ransom to recover their files.
The researchers noted that the ads in this campaign have largely been placed on adult sites and video streaming sites. They urged users to keep browsers and plugins current and suggested they “consider removing the Flash Player altogether since it has suffered a high number of zero-day exploits in recent history.”
Source: SCMagazine
Comments