Security researchers have recently reported that a malvertising (malicious advertising) campaign has outgrown any expectations in terms of damages. Advertisements brought by Mad Ads Media are causing redirects to malicious websites containing the well-known Nuclear exploit kit.
Mad Ads Media is a digital advertising company based in Mount Laurel, New Jersey. The company claims to work with numerous companies and to provide efficient advertising campaigns. Such networks are often employed to upload malicious ads that redirect users to attack’s pages.
Malvertising campaign not what it seems at first glance.
Targeted websites contain manga and anime.
Mad Ads Representatives have not yet officially commented on the malicious attack, but actions towards an investigation have begun.
Once redirected to a website hosting the Nuclear exploit kit, the user’s browser is checked for an outdated version of Adobe Systems’ Flash program. If the version is present, the installation of Carberp malware follows. The end goal of the attack is theft of authentication credentials.
Nuclear exploit kit has been around for quite some time.
In April, experts reported that a large-scale Google ad campaign was severely compromised by the exploit kit.
WordPress has also been targeted several times. One of its recent Nuclear exploit kit’s incidents concerned the exploitation of the CVE-2015-0311 vulnerability.