A malicious one team τους τελευταίους μήνες τοποθετεί κακόβουλες διαφημίσεις σε ιστότοπους πορνογραφίας. Οι συγκεκριμένες διαφημίσεις να ανακατευθύνουν τους χρήστες σε explot kits και τους μολύνουν με malicious software.
The group is called Malsmoke, and has carried out attacks on "almost all pornographic networks".
According to security company Malwarebytes, which monitors Malsmoke's attacks, most of the time, the group managed to place malicious ads on small or medium-sized pornographic portals, but recently "hit the jackpot" when it managed to add these ads to xHamster, one of the largest pornographic portals with billions of visitors every month.
Malicious ads use misleading JavaScript to send users to a malicious website that hosts an explot kit.
The exploit kit will then use vulnerabilities in the Adobe Flash Player or in Internet Explorer to install malware on users' computers (Smoke Loader, Raccoon StealerAnd ZLoader.).
The attacks can be seen as a last ditch effort to infect users with old school tools such as exploit kits, the use of which has declined in recent years as modern browsers have become much more secure.
“Despite the recommendations of Microsoft and security professionals, we find that there are still a number of users (consumers and businesses) worldwide that have not yet been changed to a modern browser”, he says Malwarebytes.
"As a result, the authors of the exploit kit are targeting vulnerabilities in Internet Explorer and Flash Player."
