September 22, 2014 by

How Google’s DoubleClick Ads Infected Millions with Malware

It’s no secret that malware is getting increasingly more sophisticated. The most recent example was identified by Microsoft and carries the name Zemot. A recent report by Malwarebytes suggests that the cyber criminals behind Zemot are using a number of popular websites to spread their malware, including Last.fm and The Times of Israel. The malware was distributed via Google’s DoubleClick service, along with Zedo advertising agency – both of which have a very broad reach.

“It was active but not too visible for a number of weeks until we started seeing popular sites getting flagged in our honeypots,” wrote Jerome Segura, a senior security researcher at Malwarebytes. “That’s when we thought, something is going on.”

The malicious ads work by using the Nuclear exploit, which looks for an unpatched version of the Internet Explorer or an Adobe Flash Player running on the victim’s computer. The ads then download the Zemot malware, which in turn downloads a variety of additional malicious applications. The malware mainly targets Windows XP users (although not exclusively), and computers with an outdated antivirus software.

A plan of attack for the malicious ads;
A plan of attack for the malicious ads.

Google confirmed the breach and have disabled the affected servers that were redirecting the malicious code. The ads themselves have been disabled as well.

 

About the author

Image of Author

LIFARS is a digital forensics and cybersecurity intelligence firm based in New York City. LIFARS is ranked as one of the top Digital Forensics and Cyber Investigations companies in 2016 and as one of the top cybersecurity companies in the New York metropolitan area for 2015 on the Cybersecurity 500 – a directory of the hottest and most innovative companies to watch in the cybersecurity industry.

Related articles

Judy Malware May Have Affected 36.5 Million Android Devices

Researchers have discovered what could possibly be the “largest malware campaign found on Google...

Read more arrow_forward

Artificial Intelligence (AI) Controlled Malware

As the world of internet of things (IoT) grows, the number of attacks through the cyber space will...

Read more arrow_forward

40% of Android Devices at Risk of Screen Hijack Exploit

Security researchers have uncovered a significant flaw in Google’s popular mobile platform...

Read more arrow_forward

If you have any further questions, please don't hesitate to contact us.