Kyle & Stan Parks Malvertising On Amazon, YouTube

Published: 22/11/2024   Category: security




Windows and Macs alike are at risk from sophisticated mutating malware.



A malicious advertising (malvertising) network is distributing spyware, adware, and browser hijackers to both Macs and PCs, crafting a unique malware bundle for each machine it infects. The network, dubbed Kyle and Stan by Cisco's TALOS Security Research, is 700 domains strong, including the likes of amazon.com and youtube.com. "This by all means is most likely just the tip of the iceberg," researchers said in a blog post today.
The world of online ads has only a few major players that are supplying ads to thousands of websites. If an attacker can get one of those major advertisement networks to display an advertisement with a malicious payload just for a few minutes without being detected, then countless machines can be infected by such an attack.
Kyle and Stan is so named because the group dubbed hundreds of their subdomains stan.mxp2099.com and kyle.mxp2038.com. Here's what happens when a user visits one of the malicious sites:
The website automatically starts the download of a unique piece of malware for every user. The file is a bundle of legitimate software, like a media-player, and compiles malware and a unique-to-every-user configuration into the downloaded file. The attackers are purely relying on social engineering techniques, in order to get the user to install the software package. No drive-by exploits are being used thus far. The impressive thing is that we are seeing this technique not only work for Windows, but for Mac operating systems alike.
The malicious kit for Macs includes the legitimate application MPlayerX and the malicious browser hijackers Conduit and VSearch.
Because the malware package is unique to each infected machine, the checksum is different every time, which makes detection very difficult.
All in all, say the researchers, "we are facing a very robust and well-engineered malware delivery network that won't be taken down until the minds behind this are identified."
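The following added example (not from the article or from Cisco's research) shows why a file-hash blocklist misses per-user bundles, and how matching the request hostname in proxy logs still catches them. The bundle builder, the log format, and the generalisation of the two named subdomains into a `kyle|stan` + `mxp<digits>.com` pattern are assumptions made for illustration.

```python
import hashlib
import re
from urllib.parse import urlsplit

# Assumption: pattern generalised from the two hostnames named in the article.
KYLE_STAN_HOST = re.compile(r"(?:kyle|stan)\.mxp\d+\.com", re.IGNORECASE)

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def build_constructed_bundle(user_id: str) -> bytes:
    """Constructed stand-in: identical installer body plus a per-user config."""
    shared = b"CONSTRUCTED-INSTALLER-BODY" * 4
    return shared + b"|config:user=" + user_id.encode()

def hash_blocklist_hits(samples, blocklist):
    """Return the samples whose SHA-256 appears in the blocklist."""
    return [s for s in samples if sha256_hex(s) in blocklist]

def flag_proxy_lines(lines):
    """Return (client, host) for log lines whose URL host matches the pattern."""
    hits = []
    for line in lines:
        parts = line.split()
        if len(parts) < 3:
            continue  # malformed line: skip rather than guess
        client, url = parts[1], parts[2]
        # hostname is lower-cased by urlsplit; drop a trailing root dot
        host = (urlsplit(url).hostname or "").rstrip(".")
        # fullmatch: the pattern must be the whole host, not a prefix or a
        # string that merely appears in the path or query
        if KYLE_STAN_HOST.fullmatch(host):
            hits.append((client, host))
    return hits

# Constructed proxy log lines: "<timestamp> <client-ip> <url>"
SAMPLE_LOG = [
    "2024-01-01T10:01:02Z 10.0.0.5 http://stan.mxp2099.com/download",
    "2024-01-01T10:01:09Z 10.0.0.7 http://KYLE.mxp2038.com./setup",
    "2024-01-01T10:02:00Z 10.0.0.9 http://example.com/?ref=kyle.mxp2038.com",
    "2024-01-01T10:02:30Z 10.0.0.9 http://stan.mxp2099.com.example.net/",
]

if __name__ == "__main__":
    seen, new = build_constructed_bundle("A1"), build_constructed_bundle("B2")
    print(hash_blocklist_hits([new], {sha256_hex(seen)}))  # hash from one machine misses the next
    print(flag_proxy_lines(SAMPLE_LOG))
```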
