Another HookAds Malvertising Campaign has been reported to be active recently, which is redirecting the potential visitors to the Fallout Exploit Kit. Following the activation, the kit will strive to capitalize on the known susceptibilities in Windows to download & install malicious malware in the infected system.
One such enticing site was discovered last week by Exploit Kit Expert nao_sec.
The sites resemble the pages filled with online games, local advertisements or other low quality pages. Unaware of the vicious malware hidden, visitors will unknowingly load the Fallout Exploit Kit in its system. Following this accidental download, the kit will then attempt to install its Malware Payload.
According to the Exploit Kit Expert nao_sec, the two HookAds Malvertising Campaigns were exposed last week. One of the campaigns was discovered on 8th November that aimed at distributing password stealing DanaBot banking Trojan.
Another Malvertising Campaign that installed the Nocturnal data stealer and GlobeImposter Ransomware was discovered on 10th November.
In case the redirected visitor is running Internet Explorer Browser, the Fallout Exploit Kit will try to abuse Windows CVE-2018-8174 VBScript susceptibility to install Malware payload.
One such HookAds Malvertising Campaign was reported in November 2016 that leveraged alluring adult portals to distribute malware. The rogue infrastructure behind HookAds showed how top visited adult sites were being injected with new scoundrel ad domains.
Visitors to the adult portals were redirected to the decoy secondary site via a simple Malvertising string. The statistics estimated that around one million visitors to the adult portals were bared to the Malvertising campaign of November 2016.
The traffic was then funneled to one of the many enticing adult websites where an adult banner iframe was implanted dynamically.
The non-targets were smartly served a banner ad that redirects them to other adult portals, surprisingly via licit ad networks. Another malicious script served by the same server redirected the users to RIG Exploit Kit.
The HookAds Malvertising Campaign is still active and running with new reprobate ad domains getting registered each day.
Therefore, it is mandatory that users ensure all Windows security updates installed in order to protect themselves and their system from potential vulnerabilities.
Subscribe to our newsletter today to receive updates on the Latest News and Threats.
The researchers at Virus Removal Guidelines are dedicated to track down the latest vulnerabilities which may infringe your system security. Our team of expert performs a detailed research about every malware infection before educating our users about the same.
Want to stay informed about the latest threats & malware? Sign up for our newsletter & learn how to get rid of all types of threats from your computer.