Kyle & Stan attack Amazon, YouTube & Yahoo with malicious ads

Websites targeted by “Malvertising” that attacks Windows and Mac users

A highly sophisticated attack has been carried out on millions of users via hundreds of websites including Amazon, YouTube and Yahoo using a malicious advertising network.

The attack was discovered by researchers working for Cisco. In the campaign, dubbed "Kyle and Stan", malicious adverts appearing on the affected websites trigger a download that affects Windows and Mac users, according to Armin Pelkmann, a Cisco threat researcher.

Pelkmann said the network uses "the enormous reach of well-placed malicious advertisements on very well-known websites in order to potentially reach millions of users."

"The goal is to infect Windows and Mac users alike with spyware, adware and browser hijackers. It is not too far-fetched that other kinds of malware are being used as well."

The malware got its name because the monikers "Kyle and Stan" appear in the subdomains of more than 700 websites the hackers set up to distribute the virus.

Cisco said the 700 domains currently in use were "just the tip of the iceberg".

"The large number of domains allows the attackers to use a certain domain just for a very short time, burn it and move on to use another one for future attacks," said Pelkmann in a blog post. "This helps avoiding reputation and blacklist based security solutions."
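Rotating through domains defeats per-domain blacklists, but the subdomain labels that recur across those domains still show up in proxy or DNS logs. The sketch below is an added example, not Cisco's code: the hostnames are constructed, and treating the last two labels as the registered domain is a simplifying assumption.

```python
from collections import defaultdict

# Constructed sample of hostnames from a proxy log (not real indicators).
SAMPLE_HOSTS = [
    "kyle.adsrv-a1.test", "stan.adsrv-a1.test", "kyle.adsrv-b2.test",
    "stan.adsrv-c3.test", "kyle.adsrv-d4.test", "stan.adsrv-d4.test",
    "www.shop.test", "www.news.test", "cdn.shop.test", "img.video.test",
]

# Labels that legitimately recur across unrelated sites (assumed allowlist).
COMMON_LABELS = {"www", "cdn", "img", "static", "mail", "api", "m"}


def registered_domain(host):
    # Assumption: last two labels. Production code should consult the
    # Public Suffix List so that names under e.g. co.uk are split correctly.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def leftmost_label(host):
    parts = host.lower().rstrip(".").split(".")
    return parts[0] if len(parts) > 2 else None  # None: no subdomain present


def labels_across_domains(hosts, min_domains=3, ignore=COMMON_LABELS):
    """Return subdomain labels seen on at least min_domains registered domains."""
    seen = defaultdict(set)
    for host in hosts:
        label = leftmost_label(host)
        if label and label not in ignore:
            seen[label].add(registered_domain(host))
    return {l: sorted(d) for l, d in seen.items() if len(d) >= min_domains}


def blacklist_hits(hosts, blacklist):
    """Per-domain blacklist matching, shown for comparison."""
    return [h for h in hosts if registered_domain(h) in blacklist]


if __name__ == "__main__":
    # A blacklist that knows one burned domain misses the rotated ones.
    print("blacklist:", blacklist_hits(SAMPLE_HOSTS, {"adsrv-a1.test"}))
    for label, domains in labels_across_domains(SAMPLE_HOSTS).items():
        print(f"label {label!r} spans {len(domains)} domains: {domains}")
```

The threshold and the allowlist of common labels need tuning against a site's own traffic before the output is used for alerting.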

"We are facing a very robust and well-engineered malware delivery network that won't be taken down until the minds behind this are identified."

Around 10,000 users connected to the network during Cisco's investigations, and the malvertising targeted only a small number of firms that supply ads to websites.

"If an attacker can get one of those major advertisement networks to display an advertisement with a malicious payload just for a few minutes without being detected, then countless machines can be infected by such an attack," he said.
