



“The large number of domains allows the attackers to use a certain domain just for a very short time, burn it and move on to use another one for future attacks,” Pelkmann wrote “This helps avoiding reputation and blacklist based security solutions.”





This malicious ads download a piece of software with a unique checksum, making it harder for security software to detect. The download may also contain legitimate software such as a media player. To be infected, the user must be convinced to open the file. So here attacker use Social engineering techniques on to victims.

A malicious ads hits the number of popular websites that includes YouTube, Amazon, Yahoo etc.. This malicious ads campaign infects windows users as well as Mac users also. This sophisticated malware spreading campaign has been uncovered by Cisco.Armin Pelkmann, a threat researcher. who is investing this malicious campaign saysthe malicious advertisements cause a person to be redirected to a different website, which triggers a download based on whether the computer is running Windows or Apple’s OS X.The operation has been dubbed "" because most of the domains used in this campaign for distributing malicious software contain "kyle" and "stan" strings in the sub-domain name. This campaign hits more 700 websites and had nearl 10,000 connections to the malicious domains.Cisco didn't identify the advertising network that is serving malicious advertisement. As attacker had great number of compromised sites, means it getting its victims, but as reports says that sites like Yahoo, YouTube and Amazon had got affected that means a large pool of potential victims, because these are one of the populated sites and attacker easily gets tonnes of victims.“The attackers are purely relying on social engineering techniques in order to get the user to install the software package,” Pelkmann wrote. “No drive-by exploits are being used thus far.”