{"id":6627,"date":"2014-10-15T11:26:42","date_gmt":"2014-10-15T15:26:42","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=6627"},"modified":"2014-10-15T11:26:42","modified_gmt":"2014-10-15T15:26:42","slug":"youtube-served-users-malicious-advertisements-trend-micro-says","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2014\/10\/15\/youtube-served-users-malicious-advertisements-trend-micro-says\/","title":{"rendered":"YouTube served users malicious advertisements, Trend Micro says"},"content":{"rendered":"<p style=\"text-align:center;\"><a href=\"http:\/\/www.pcworld.com\/article\/2833972\/youtube-served-malicious-advertisements-trend-micro-says.html\"><img data-recalc-dims=\"1\" src=\"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/10\/youtube-logo-2014-100449570-large.jpg\" alt='' \/><\/a><\/p>\n<p>Malicious advertisements, some of which were displayed on YouTube, redirected more than 113,000 people in the U.S. to harmful websites in just a month, Trend Micro said Tuesday.<\/p>\n<p>Although online advertising companies try to detect and block such ads from being circulated on their networks, bad ones sometimes get through. Such ads can be very productive for hackers. It can mean a large pool of victims if shown on a high-traffic website.<\/p>\n<p>\u201cThis was a worrying development: Not only were malicious ads showing up on YouTube, they were on videos with more than 11 million views\u2014in particular, a music video uploaded by a high-profile record label,\u201d wrote Joseph Chen, a fraud researcher, on Trend Micro\u2019s blog.<\/p>\n<p>Google, which owns YouTube, did not have an immediate comment.<\/p>\n<p>Chen wrote that users viewing the ads were bounced through two servers in the Netherlands before landing on the malicious server, which is located in the U.S.<\/p>\n<p>That server had the Sweet Orange exploit kit installed. Sweet Orange checks if the computer has one of four vulnerabilities affecting Internet Explorer, Java or Adobe Systems\u2019 Flash application.<\/p>\n<p>If the attack is successful, the kit delivers malware from the KOVTER family, which has been used in the past for ransomware, Chen wrote. Those attacks try to extort a victim by either encrypting their files or tricking them into paying a fine.<\/p>\n<p>The KOVTER malware is hosted on a subdomain of a Polish government site that has been hacked, Chen wrote. The attackers had also modified DNS (Domain Name System) information on that site by adding subdomains that led to their own servers, but the method used to accomplish that was unclear, Chen wrote.<\/p>\n<p>via <a href=\"http:\/\/www.pcworld.com\/article\/2833972\/youtube-served-malicious-advertisements-trend-micro-says.html\" target=\"_blank\">YouTube served users malicious advertisements, Trend Micro says | PCWorld<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Malicious advertisements, some of which were displayed on YouTube, redirected more than 113,000 people in the U.S. to harmful websites [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[7,9],"tags":[655,1270],"class_list":["post-6627","post","type-post","status-publish","format-standard","hentry","category-security","category-software","tag-malware","tag-youtube"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-1IT","jetpack-related-posts":[{"id":9477,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/12\/16\/the-big-leek-cabal-this-week-in-tech-697\/","url_meta":{"origin":6627,"position":0},"title":"The Big Leek Cabal &#8211; This Week in Tech 697","author":"NCCT","date":"December 16, 2018","format":false,"excerpt":"https:\/\/youtu.be\/4JZfm6VIBfc - Elon Musk is a terrible person to work for. - The internet is a garbage fire of hate. - It is not Google's fault that searching for \"idiot\" results in pictures of Donald Trump. - The Chinese are not spying on you with secret spy chips on Super\u2026","rel":"","context":"In &quot;Technology&quot;","block_context":{"text":"Technology","link":"https:\/\/nccomputertech.com\/techtalk\/category\/technology\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/4JZfm6VIBfc\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9522,"url":"https:\/\/nccomputertech.com\/techtalk\/2019\/02\/24\/will-it-bend-this-week-in-tech-707\/","url_meta":{"origin":6627,"position":1},"title":"Will It Bend? &#8211; This Week in Tech 707","author":"NCCT","date":"February 24, 2019","format":false,"excerpt":"https:\/\/youtu.be\/qC0DabXmX8Q Folding phones at MWC, Hololens 2, conspiracies on YouTube, and more. -- Foldable Phones Hit MWC 2019 -- Microsoft Announces Hololens 2 -- Netflix at the Oscars -- Apple and Goldman Sachs Release Credit Card Linked to iPhone -- Apple to Combine iPhone, iPad and Mac Apps -- YouTube:\u2026","rel":"","context":"In &quot;Microsoft&quot;","block_context":{"text":"Microsoft","link":"https:\/\/nccomputertech.com\/techtalk\/category\/microsoft\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/qC0DabXmX8Q\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9295,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/02\/05\/this-week-in-tech-652-were-all-out-of-kidneys\/","url_meta":{"origin":6627,"position":2},"title":"This Week in Tech 652: We&#8217;re All Out of Kidneys","author":"NCCT","date":"February 5, 2018","format":false,"excerpt":"https:\/\/youtu.be\/aUpYOMKq4iQ Tech ads in the Superbowl. Elon Musk's \"Not-a-Flamethrower.\" Apple, Google, and Amazon quarterly results. What are Amazon's health plans? What game company will Microsoft buy next?","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/aUpYOMKq4iQ\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9297,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/02\/11\/this-week-in-tech-653-x-stands-for-nothing\/","url_meta":{"origin":6627,"position":3},"title":"This Week in Tech 653: X Stands for Nothing","author":"NCCT","date":"February 11, 2018","format":false,"excerpt":"https:\/\/youtu.be\/9vdjtG9ozeQ HomePod should have been delayed longer. Elon Musk's rollercoaster week: Falcon Heavy sends a Tesla to Mars just as Tesla has its worst quarter ever. iPhone boot code leaked online. Chrome will shame insecure websites. YouTube suspends Logan Paul for generally being a horrible human being. Rethinking Facebook and\u2026","rel":"","context":"In &quot;Technology&quot;","block_context":{"text":"Technology","link":"https:\/\/nccomputertech.com\/techtalk\/category\/technology\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/9vdjtG9ozeQ\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9397,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/09\/02\/i-speak-for-the-bezels-this-week-in-tech-682\/","url_meta":{"origin":6627,"position":4},"title":"I Speak for the Bezels &#8211; This Week in Tech 682","author":"NCCT","date":"September 2, 2018","format":false,"excerpt":"https:\/\/youtu.be\/kVcihaMWLmA This Week in Tech iPhone XS, Pixel 3, Trump vs Google, and more Leo is on vacation, so Jason Snell is guest hosting! Apple's next big event is September 12th, and we have a sneak peek at the new iPhone XS and Apple Watch Series 4. The iPhone XS\u2026","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/kVcihaMWLmA\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9339,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/05\/14\/this-week-in-tech-666-leave-john-legend-um-alone\/","url_meta":{"origin":6627,"position":5},"title":"This Week in Tech 666: Leave John Legend, Um, Alone!","author":"NCCT","date":"May 14, 2018","format":false,"excerpt":"https:\/\/youtu.be\/U_aUjM9MNhk ZTE shuts down, but help is on the way from an unlikely tweet. Google I\/O shows off creepy robocallers and helpful directions. Microsoft Build brings Cortana\/Alexa integration and the return of Kinect. Congress releases over 3500 Russian Facebook election ads. Cambridge Analytica \"dies,\" is reborn as Emerdata. Robocaller gets\u2026","rel":"","context":"In &quot;Microsoft&quot;","block_context":{"text":"Microsoft","link":"https:\/\/nccomputertech.com\/techtalk\/category\/microsoft\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/U_aUjM9MNhk\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/6627","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=6627"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/6627\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=6627"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=6627"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=6627"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}