Nadradený pojem:
Malvertising
Description
Users are directed to exploit kits in two primary
ways: compromised websites and malvertising. Adversaries will place a
link to an exploit kit landing page into a malicious ad or a compromised
website, or they will use an intermediate link, known as a broker. (These links, positioned between compromised websites and
exploit kit servers, are also referred to as “gates.”) The broker
serves as an intermediary between the initial redirection and the actual
exploit kit that delivers the malware payload to users.
The latter tactic is becoming more popular as attackers find they must move faster to maintain their operational space and evade detection. Brokers allow adversaries to switch quickly from one malicious server to another without changing the initial redirection. Because they don’t need to constantly modify websites or malicious ads to start the infection chain, exploit kit operators can carry out longer campaigns.
The latter tactic is becoming more popular as attackers find they must move faster to maintain their operational space and evade detection. Brokers allow adversaries to switch quickly from one malicious server to another without changing the initial redirection. Because they don’t need to constantly modify websites or malicious ads to start the infection chain, exploit kit operators can carry out longer campaigns.
Importance
High