Skip to main content

Malicious ads target Amazon, Yahoo and YouTube users

Malicious advertisements are being shown on popular websites such as Amazon, YouTube and Yahoo as part of a sophisticated malware campaign.

Security firm Cisco claims that the ads cause the user to be redirected to a different website, triggering a malware download dependent on if the computer is running Windows or Apple's OS X.

Read more: How to stay safe and avoid nastiness like Cryptolocker when browsing the web (opens in new tab)

Armin Pelkman, a threat researcher, added that the network has been dubbed "Kyle and Stan" due to those names appearing in subdomains of over 700 malicious websites that the attackers have set up.

"The large number of domains allows the attackers to use a certain domain just for a very short time, burn it and move on to use another one for future attacks," he wrote. "This helps avoiding reputation and blacklist based security solutions."

Cisco did not name the advertising network responsible for serving the malicious advertisements. Although ad networks generally filter out any ads distributing malware, occasionally some are accidentally let through. In total, 74 domains, were serving the advertisements.

When a victim clicks one of the ads, the computer downloads a piece of malware with a unique checksum, making it harder to detect. The download also sometimes contains a legitimate piece of software.

Cisco confirmed that the Kyle and Stan network was originally discovered in May, but that the attacks have since continued.

Read more: Cyber criminals turn to "Dark Web" for easy-to-use malware (opens in new tab)

Pelkman added that it would not be an easy campaign to stop.

"All in all we are facing a very robust and well-engineered malware delivery network that won't be taken down until the minds behind this are identified."

Barclay has been writing about technology for a decade, starting out as a freelancer with IT Pro Portal covering everything from London’s start-up scene to comparisons of the best cloud storage services.  After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things.