Q
Manage Learn to apply best practices and optimize your operations.

How does the Terror exploit kit spread through malicious ads

Zscaler recently discovered a malvertising campaign that spreads the Terror exploit kit through malicious ads. Discover more about the threat with expert Nick Lewis.

Cloud security vendor Zscaler Inc. found that a malvertising campaign has been spreading the Terror exploit kit....

What is Terror, and how do malicious ads spread it?

Malvertising campaigns continue to be effective as they enable an attacker to use a legitimate website to deliver malware to users. Malvertising campaigns can be particularly dangerous because the ads and potential malware downloads look as if they come directly from the trusted website. As a result, end users may not be suspicious of pop-ups.

The next step in the process is to infect the system by using a downloader to run the malicious code on the endpoint, as getting the malware to the endpoint is crucial.

Cloud security vendor Zscaler recently identified a malvertising campaign using the Terror exploit kit.

Terror is a collection of scripts and malware that is posted on a compromised website. It can be found published on ad networks and is under active development to continue to evade detection and infect endpoints.

New obfuscation layers, exploits and malware payloads have been added to the Terror exploit kit as it uses multiple webpages with obfuscated JavaScript redirects that push a web browser to malicious Flash files to execute the malware on the endpoint.

The malicious ads use the Propeller Ads media network, which allows companies to include the ads on their own websites. The ads then push malicious JavaScript that redirects the web browser to Terror.

Ask the expert:
Have a question about enterprise threats? Send it via email today. (All questions are anonymous.)

This was last published in May 2018

Dig Deeper on Emerging cyberattacks and threats

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Has your organization been impacted by a malvertising campaign?
Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close