ISC StormCast for Thursday, June 8th 2017
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS ISC Handlers
4.9 • 754 Ratings
🗓️ 8 June 2017
⏱️ 6 minutes
🧾️ Download transcript
Summary
Transcript
Click on a timestamp to play from that location
| 0:00.0 | Hello, welcome to the Thursday, June 8th, 2017 edition of the Sandtonet Storm Center's Stormcast. |
| 0:07.6 | My name is Johannes Ulrich, and today I'm recording from Washington, D.C. |
| 0:12.0 | You probably have run into these deceptive advertisements that claim that you're missing a specific plugin for a particular website or that, for example, your flash player is out of date. |
| 0:27.6 | Now, many of these advertisements then either lead to these tech support scams or just downloads that in addition to the valid flash player or whatever also |
| 0:40.0 | download a number of adware payloads for example toolbars for your browser that will inject |
| 0:48.2 | ads into your web sessions now I looked into this a little bit deeper after a reader pointed out via Twitter |
| 0:57.0 | that he came across these advertisements on a typo squatting page that did catch YouTube users. |
| 1:05.8 | Turned out that the advertisements on this page came from a company called Revenue Hits. Revenue Hits is an |
| 1:13.8 | advertisement network and as a publisher, if you own a website, you can place their ads on your |
| 1:21.2 | site. So I signed up with Revenue Hits and sure enough, up to this point all I got were these same deceptive ads, |
| 1:31.3 | tech support scams and the like. In one case even, they injected a fake login form into my |
| 1:38.8 | test site. On the other hand, the actual revenue side of this doesn't look all that unattractive. |
| 1:46.1 | Now, I did very limited testing with this. |
| 1:48.7 | I was the only user of the particular site. |
| 1:51.5 | They counted one click-through, and they were going to pay me for that 36 cents, |
| 1:57.7 | which isn't bad compared to more legitimate options like Google AdSense. Of course, on the |
| 2:04.4 | other hand, advertisements like this are probably the strongest reason why you probably should run |
| 2:10.1 | some form of ad blocker. And ad blockers typically do a pretty good job in suppressing these suggestive ads. |
| 2:19.8 | And it's always amazing to see how more advanced software comes up with new ways to do |
| 2:27.3 | somewhat covert command control channels. |
| 2:30.6 | The latest one that we live security reports about is the use of an Instagram account. |
| 2:40.0 | In this particular case, the Malver periodically checked Britney Spears Instagram account and did read |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.