Cyber criminals have exploited the power of two online advertising networks, Google’s DoubleClick and popular Zedo advertising agency, to deliver malicious advertisements to millions of internet users that could install malware on a user’s computer.
A recent report published by the researcher of the security vendor Malwarebytes suggests that the cyber criminals are exploiting a number of websites, including The Times of Israel, The Jerusalem Post and the Last.fm music streaming website, to serve malicious advertisements designed to spread the recently identified Zemot malware.
Malvertising is not any new tactic used by cybercriminals, but Jerome Segura, a senior security researcher with Malwarebytes, wrote in a blog post that his company “rarely see attacks on a large scale like this.”
The Zemot malware was identified by Microsoft earlier this month. According to Microsoft, Zemot is usually distributed not only by the Nuclear exploit kit but also by the Magnitude exploit kit and spambot malware Kuluoz. The malware focuses on computers running Windows XP, although it can also infect more modern operating systems running on x86 and 64 bit machines.