MALVERTISING CAMPAIGN REDIRECTS BROWSERS TO TERROR EXPLOIT KIT [source: threatpost]
by CIRT Team
Security experts are warning some “Quit Smoking” and “20 Minute Fat Loss” ads online are delivering more than sales pitches. According to researchers at Zscaler, ads are redirecting browsers to malicious landing pages hosting the Terror exploit kit.
The campaigns have been sustained, with the initial blast spotted on Sept. 1 and lasting through Oct. 23.
“Terror EK activity has been low throughout the year but we are starting to see an uptick in the activity delivered via malvertising campaigns in past two months,” according to Rohit Hegde security researcher at Zscaler.
The Terror EK is distinguished for being a relatively new exploit kit, first identified earlier this year. In a separate Zscaler report, researchers said the EK borrows from other kits such as Sundown and Hunter with additional pieces borrowed from exploits built for the penetration testing software Metasploit.
“We’ve continued tracking the development of this kit since we first spotted it, and have watched developers transition to new domains with stolen identities, with traffic coming from the PopAds advertising network,” said Derek Gooley, Zscaler security researcher.
For more, click here.