Malicious ads distributed by Google's DoubleClick and Zedo
Two popular web based advertising networks Google DoubleClick and Zedo have been found to serving malicious advertisement which lead to download and install malware on a users computer. Researcher from the malwarebytes had noticed some unusual behavior on sites like last.fm , The
Times of Israel, and other sites, which makes antivirus to raise a Waring flags about the malware.
On this issue Malwarebytes researcher Jerome Segura with his investigation came with the conclusion that the issue are coming from the advertisement from Google DoubleClick ad server and the popular Zedo ad agency.
Segura says the malware has been identified as Zemot Malware, which was recently in action for some of the time. For this issue Google have confirmed about the malicious ads and says - "our team is aware of this and has taken steps to shut this down."
Spreading malware through Advertising (Malvertising) is not a new attack from cyber criminals, but the issue should be notable as soon as possible as it may leads million of users to infected. Specially when the malicious ads is serving on high traffic sites.
"It was active but not too visible for a number of weeks until we started seeing popular sites getting flagged in our honeypots," Segura says
On this issue Malwarebytes researcher Jerome Segura with his investigation came with the conclusion that the issue are coming from the advertisement from Google DoubleClick ad server and the popular Zedo ad agency.
Segura says the malware has been identified as Zemot Malware, which was recently in action for some of the time. For this issue Google have confirmed about the malicious ads and says - "our team is aware of this and has taken steps to shut this down."
Spreading malware through Advertising (Malvertising) is not a new attack from cyber criminals, but the issue should be notable as soon as possible as it may leads million of users to infected. Specially when the malicious ads is serving on high traffic sites.
"It was active but not too visible for a number of weeks until we started seeing popular sites getting flagged in our honeypots," Segura says
First Zemot activity was noticed in late August and till now millions of computers have infected. Although Antivirus firm have already added a signature of Zemot to its virus database, then also users who have not update their antivirus program has been infected.
What is Zemot ?
Zemot is a variant of malware that mainly focus (infects) Windows XP system. It can also infect more modern operating systems running on x86 and 64 bit machines. It have the capability to bypass a system's security before infecting computers with additional malware. Hence it is difficult to look back the attack once the system gets infected.
![Pirate Bay Proxy List 2024: Unblock The Pirate bay33 [April Updated]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSLpBFGVKLEpg0rc9hECOaiGYOmFojg3gsCSrkKpqXYG0RxcBV7t3BFsdegN7e8J3UyclrJWT5N7mCzorsDb1hm66s6Pu91SJOEAQJxeodTlFuiPFEy77VIvaNZD2GlPf3jNlWLwhP8CS7WHCb9avIIPNAtdmVhoIXx3ybf26WAWInoDnBsp4aLtZ1/w250-h250-p-k-no-nu/The%20Pirate%20Bay%20proxies%202023.webp)
