Compliance Management, Incident Response, Malware, Privacy, TDR, Threat Management

Yahoo malvertising actors turn attention to AdSpirit

Security researchers at Malwarebytes who have been hot on the trail of the actors that pulled off a recent malvertising attack on Yahoo have observed a similar campaign launched by the same group against publishing network AdSpirit.de used by drudgereport.com, findagrave.com and others.

As in the Yahoo attack, the hackers redirected traffic to Microsoft Azure websites to spread the increasingly malware, the Malwarebytes security researcher Jerome Segura said in a Thursday blog post.

“Both URLs are using HTTPS encryption, making it harder to detect the malicious traffic at the network layer,” he wrote.

The Yahoo campaign ultimately led victims to the Angler Exploit Kit (EK). At the time, Malwarebytes noted the EK often leads to Bedep ad fraud and CryptoWallransomware. The company alerted AdSpirit to the latest campaign and while it received no immediate response, “the rogue advert was taken down,” according to the post.


UPDATE: Malwarebytes reported the malvertising campaign has moved to eBay and AOL.com, in the latter leveraging a new Azure domain.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.