Kyle & Stan Parks Malvertising On Amazon, YouTube

Windows and Macs alike are at risk to sophisticated mutating malware.

A malicious advertising (malvertising) network is distributing spyware, adware, and browser hijackers to both Macs and PCs, crafting a unique malware bundle for each machine it infects. The network,
dubbed Kyle and Stan
by Ciscos TALOS Security Research, is 700 domains strong, including the likes of amazon.com and youtube.com. This by all means is most likely just the tip of the iceberg, researchers said in a blog post today.
The world of online ads has only a few major players that are supplying ads to thousands of websites. If an attacker can get one of those major advertisement networks to display an advertisement with a malicious payload just for a few minutes without being detected, then countless machines can be infected by such an attack.
Kyle and Stan is so named because the group dubbed hundreds of their subdomains stan.mxp2099.com and kyle.mxp2038.com. Heres what happens when a user visits one of the malicious sites:
The website automatically starts the download of a unique piece of malware for every user. The file is a bundle of legitimate software, like a media-player, and compiles malware and a unique-to-every-user configuration into the downloaded file. The attackers are purely relying on social engineering techniques, in order to get the user to install the software package. No drive-by exploits are being used thus far. The impressive thing is that we are seeing this technique not only work for Windows, but for Mac operating systems alike.
The malicious kit for Macs includes the legitimate application MPlayerX and the malicious browser hijackers Conduit and VSearch.
Because the malware package is unique to each infected machine, the checksum is different every time, which makes detection very difficult.
All in all, say the researchers, we are facing a very robust and well-engineered malware delivery network that wont be taken down until the minds behind this are identified.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Kyle & Stan Parks Malvertising On Amazon, YouTube