Google AdSense advertising banners abused for cyber attacks
G DATA Exploit Protection has prevented attacks since the outset.
Bochum (Germany), 17 April 2015
Attackers have abused the Google AdSense advertising network to distribute malware to millions of Internet users. G DATA Exploit Protection has been fending off the attacks since the outset and has protected users against computer infections. The cause of these attacks was a compromised supplier of the advertising network. The attackers used an exploit kit that, among other things, exploits a security hole in Adobe Flash Player. On many computers, this vulnerability has not been closed, even though an official patch is available. G DATA SecurityLabs have published an analysis that explains these cyber attacks in detail.
"For a long time, the mantra for company computers was 'Never change a running system'. This approach is a gold mine for attackers," explains Ralf Benzmüller, Head of G DATA SecurityLabs. "Only people who keep their software and operating system fully up to date are protected against such attacks."
What is Google AdSense?
Google AdSense is one of the world's largest advertising networks. Many website operators rely on this service: 12% of the 100,000 most popular websites use AdSense (source: BuiltWith). Abusing this platform to distribute malware provides the attackers with a huge target group.
G DATA protects against exploit kits
PCs that had not installed the Adobe security update by at least 19 March 2015 have been susceptible to attack by the exploit kit. Cyber-attacks frequently occur via security holes that have already been patched. Reactive protection technologies such as virus signatures are helpful against an exploit only to a certain degree. These technologies generally have a longer response time and can only offer protection against threats that are already known. Proactive protection technologies such as G DATA Exploit Protection secure users against unknown attacks, known as zero day attacks. Regularly installing security updates for the operating system and frequently used software is therefore essential.
What is an exploit kit?
An exploit kit is a tool that contains a number of different attacks on vulnerabilities (exploits) and is used as a means of attack. The tool checks the computer for installed software and unclosed security holes. If a security hole is found, the appropriate exploit for exploiting the vulnerability is sent to the computer, which then downloads malware onto the PC.
Detailed information is available here: https://blog.gdatasoftware.com/blog/article/staying-alert-when-buying-banners-googles-advertising-service-misused-for-distributing-malware.html
IT Security was invented in Germany: G DATA Software AG is considered to be the inventor of the AntiVirus. It was more than 28 years ago that the company, founded in Bochum in 1985, developed the first program to combat computer viruses. These days, G DATA is one of the world's leading providers of IT security solutions.
Test results prove that IT security "Made in Germany" offers Internet users the best possible protection. Stiftung Warentest has been testing Internet security products since 2005. In all seven tests performed between 2005 and 2015, G DATA achieved the best virus detection. In comparative tests by AV-TEST, G DATA regularly demonstrates the best results in the detection of computer malware. Internationally, G DATA INTERNET SECURITY has also been awarded best Internet security package by independent consumer magazines– in countries such as Australia, Austria, Belgium, France, Italy, the Netherlands, Spain and the USA.
The product range comprises security solutions for end customers as well as medium to large-sized enterprises. G DATA security solutions are available worldwide in more than 90 countries.
For more information about the company and G DATA security solutions, see www.gdatasoftware.com