Cisco security researchers uncovered a major network used for malvertising. In their research they have found more than 700 domains related to that and over 9541 connections to the malicious domains. This was named “Kyle and Stan” because “Kyle” and “Stan” used in the sub domain name.
The “Kyle and Stan” network is a highly sophisticated malvertising network. The goal is to infect Windows and Mac users alike with spyware and adware. The attackers use clever techniques and encryption to avoid detection. The large number of domains allows them to use a domain for a short time.This helps avoiding reputation and black list based security solutions. This is a well engineered Malware delivery network.
How?
1. You visit a webpage with the malicious advertisement.
2. You get redirected to a different website that redirects you based on user agent. We observed that Windows and Mac users get redirected to different malware in order to infect both operating systems.
3. The final page starts the download of a malicious file.
Post a Comment