Hacker Group Loading Malicious Ads Using Ad Server

Browsing the internet is an everyday activity, and coming across ads is just as common. Most internet users know that ads are something to avoid. Most of the time these ads simply redirect users to unrelated pages. It seems that one hacker group wants users to visit such unrelated websites through ads. An unknown hacker group has been found using ad servers to post ads that redirect the user to malware-downloading websites. These activities were discovered recently, last month, by a security firm named Confiant.

While the sneaky campaign seems troublesome, it has been going on for around 9 months. The researchers have said that the hackers did this through advertising networks. The targets are advertising networks running old versions of the Revive open-source ad server. Old versions are usually the most vulnerable, and this is exactly why the hackers managed to get through. Once they had hacked into an ad server, they added malicious code to the ads loaded on the server. These ads are then used to lure users to their malware-downloading websites. While most people think phishing is the only sneaky way in for attackers, this is a rarer kind of campaign.

Around 60 Revive servers altered by the hackers have been discovered. Users who visit these sites are redirected to malicious websites that promote downloading the malware. The malware files are disguised as an Adobe Reader update that the user is asked to download. According to the company, thousands of websites are affected by this hacker group's campaign. The hacker group is called Tag Barnakle, and it is rare to see a malvertising group carry out this kind of activity. A few years back such hacking groups were seen to be active, but this incident was large in scale.
