When it comes to malvertising, the Angler exploit kit is almost always the weapon of choice used by cyber criminals to push out malware onto their victims. As we’ve seen in many high profile cases recently, these attacks are also more sophisticated and use fingerprinting, a technique to weed out non genuine victims, directly served by the fraudulent advertiser itself.
This is why we were a little surprised to find out that an ongoing (and more quiet) malvertising campaign relying on the Magnitude EK started to use fingerprinting prior to the exploit kit landing page. This particular campaign targets adult, torrent and streaming sites. Below are some of the publishers we caught in our telemetry yesterday:
Leave a reply