Menu
YouTube served malicious advertisements, Trend Micro says

YouTube served malicious advertisements, Trend Micro says

The advertisements redirected victims to the Sweet Orange exploit kit, which tries to install malware

Malicious advertisements, some of which were displayed on YouTube, redirected more than 113,000 people in the U.S. to harmful websites in just a month, Trend Micro said Tuesday.

Although online advertising companies try to detect and block such ads from being circulated on their networks, bad ones sometimes get through. Such ads can be very productive for hackers. It can mean a large pool of victims if shown on a high-traffic website.

"This was a worrying development: Not only were malicious ads showing up on YouTube, they were on videos with more than 11 million views -- in particular, a music video uploaded by a high-profile record label," wrote Joseph Chen, a fraud researcher, on Trend Micro's blog.

Google, which owns YouTube, did not have an immediate comment.

Chen wrote that users viewing the ads were bounced through two servers in the Netherlands before landing on the malicious server, which is located in the U.S.

That server had the Sweet Orange exploit kit installed. Sweet Orange checks if the computer has one of four vulnerabilities affecting Internet Explorer, Java or Adobe Systems' Flash application.

If the attack is successful, the kit delivers malware from the KOVTER family, which has been used in the past for ransomware, Chen wrote. Those attacks try to extort a victim by either encrypting their files or tricking them into paying a fine.

The KOVTER malware is hosted on a subdomain of a Polish government site that has been hacked, Chen wrote. The attackers had also modified DNS (Domain Name System) information on that site by adding subdomains that led to their own servers, but the method used to accomplish that was unclear, Chen wrote.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags advertisingtrend microsecurityinternetmalware

Featured

Slideshows

Kiwi channel reunites as After Hours kicks off 2017

Kiwi channel reunites as After Hours kicks off 2017

After Hours made a welcome return to the channel social calendar last night, with a bumper crowd of distributors, vendors and resellers descending on The Jefferson in Auckland to kickstart 2017. Photos by Maria Stefina.

Kiwi channel reunites as After Hours kicks off 2017
Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow Electronics introduced Tenable Network Security to local resellers in Sydney last week, officially launching the distributor's latest security partnership across Australia and New Zealand. Representing the first direct distribution agreement locally for Tenable specifically, the deal sees Arrow deliver security solutions directly to mid-market and enterprise channel partners on both sides of the Tasman.

Arrow exclusively introduces Tenable Network Security to A/NZ channel
Examining the changing job scene in the Kiwi channel

Examining the changing job scene in the Kiwi channel

Typically, the New Year brings new opportunities for personnel within the Kiwi channel. 2017 started no differently, with a host of appointments, departures and reshuffles across vendor, distributor and reseller businesses. As a result, the job scene across New Zealand has changed - here’s a run down of who is working where in the year ahead…

Examining the changing job scene in the Kiwi channel
Show Comments