Google Ad Reseller is initiating Maladvertising Campaign

A large scale malvertising campaign has been observed by Cybersecurity firm Fox IT originating from all the Google advertisement services resold from Engagelab.com.

Engagelab.com appears to redirect its advertisement & zone ID’s to a domain, which in turn redirects to the Nuclear Exploit Kit, indicating a possible vandalism at this reseller of Google advertisement services. This Nuclear Exploit kit targets vulnerabilities in Adobe Flash, Oracle Java and Microsoft Silverlight software.

Source: FOX IT

Fox-IT observed the first redirect on April 7th 2015. The company has detected a significantly large amount of infections and infection attempts from this exploit kit among our customers.


It may be noted that malvertising involves malware concealed inside Internet-based ads that are usually pop-ups, banners else animated advertisements.

Now the users are facing probably the biggest ad poisoning ever made – all important ad services are affected. It means that users might get infected just by reading their favorite newspaper or by doing search on famous web indexers.

The security company has a suspicion that this malvertising campaign will be of a very large scale. Although, the firm is still is exerting its strength to identify the exact malware variant victims at use in the attacks.

The Fox IT liveblog affirms:

The domains for the exploit kit itself aren’t directly used for redirection; a secondary site is used as an intermediate. The domains and IP’s used for the exploit kit are constantly changing, to mitigate the threat for now we suggest blocking the website between the legitimate websites and the exploit kit.

Fox IT has observed the following domains for the Nuclear Exploit Kit:
banking.techpool.org
soaring.betsystemreviews.com
supervision.sactown.us

Fox IT has advocated an ad blocker, moreover updating Java, Silverlight and Flash to the latest versions to limit damage.

The firm proclaimed that Google has been notified of the issue.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

How To Create A Virtual Penetration Testing Lab At Home

In this article, I will demonstrate how to create your own virtual penetration testing lab at home. Creating a pentesting lab is must for...

The Importance of Cyber Security in The Medical Device Industry

Medical devices are a revolutionary aspect of healthcare - they connect doctors and patients, help diagnose and treat diseases. Some - like ECMO machines...

Top 5 Techniques Hackers Use to hack Social Media Accounts

These days, Social Media have become a significant need in our everyday life. It encourages us to associate and connect with anyone over the...

5 Top Programming Languages for Hacking

We live in the 21st century, which is very fast-changing. This is a century of competition for information and computing resources. Every year the...