Microsoft’s adCenter network (formerly MSN adCenter) has been found to be serving up malware via drive-by download exploits.
Armorize, a security solutions firm, describes the incident in a full informational blog posting. Attackers registered a domain name similar to an official advertising technology firm to dupe Microsoft adCenter and DoubleClick into authorizing the fake adverts. Attackers registered ADShufffle.com, similar to ADSuffle.com. The malicious ads were then served on both advertising networks for a short period of time.
Known sites that were affected included realestate.msn.com, msnbc.com and mail.live.com. Armorize investigated the reports after the adverts went live on December 3 and quickly rectified them with both DoubleClick and Microsoft’s adCenter. The attackers used the Eleonore exploit pack and the Neosploit package to install malware onto users PCs. Visitors could have been infected without having to click on any sites. “Over the past week, ADShufffle kept on changing the malware. Besides HDD Plus, other types of malware, such as backdoors, have been serve,” wrote Wayne Huang of Amorize.
Microsoft’s adCenter is the division of MSN responsible for MSN’s advertising services. Microsoft adCenter provides pay per click adverts for publishers
No comments:
Post a Comment