Google advertising network may be infected

Google’s advertising subsidiary DoubleClick has been infected by a malvertising campaign, according to the security firm Malwarebytes.

Adverts linking to malware are allegedly being posted on the Times of Israel, the Jerusalem Post and music streaming site Last.fm, with other ad publishers using Google’s service also thought to be at risk.

Jerome Segura, senior security researcher at Malwarebytes, said: "It appears that this is a much larger and ongoing campaign that is affecting a number of other popular websites.

"What is important to remember is that legitimate websites entangled in this malvertising chain are not infected. The problem comes from the ad network agency itself."

Victims are said to be directed to sites hosting the Nuclear exploit kit, which installs a Zemot trojan by targeting outdated versions of Adobe Flash and Microsoft’s Internet Explorer.

Once installed Zemot connects to a remote server to download tools that steal data and monitor a user’s activity, according to Malwarebytes.

Google has yet to respond to requests for comment from CBR.

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

Sign up for our regular news round-up!

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

I would also like to subscribe to:

Thank you for subscribing