michelangelus - Fotolia
How does the Terror exploit kit spread through malicious ads
Zscaler recently discovered a malvertising campaign that spreads the Terror exploit kit through malicious ads. Discover more about the threat with expert Nick Lewis.
Cloud security vendor Zscaler Inc. found that a malvertising campaign has been spreading the Terror exploit kit....
Continue Reading This Article
Enjoy this article as well as all of our content, including E-Guides, news, tips and more.
What is Terror, and how do malicious ads spread it?
Malvertising campaigns continue to be effective as they enable an attacker to use a legitimate website to deliver malware to users. Malvertising campaigns can be particularly dangerous because the ads and potential malware downloads look as if they come directly from the trusted website. As a result, end users may not be suspicious of pop-ups.
The next step in the process is to infect the system by using a downloader to run the malicious code on the endpoint, as getting the malware to the endpoint is crucial.
Cloud security vendor Zscaler recently identified a malvertising campaign using the Terror exploit kit.
Terror is a collection of scripts and malware that is posted on a compromised website. It can be found published on ad networks and is under active development to continue to evade detection and infect endpoints.
Ask the expert:
Have a question about enterprise threats? Send it via email today. (All questions are anonymous.)
Dig Deeper on Threats and vulnerabilities
Related Q&A from Nick Lewis
What are port scan attacks and how can they be prevented?
Port scans provide data on how networks operate. In the wrong hands, this info could be part of a larger malicious scheme. Learn how to detect and ... Continue Reading
Explore benefits and challenges of cloud penetration testing
Cloud penetration testing presents new challenges for information security teams. Here's how a playbook from the Cloud Security Alliance can help ... Continue Reading
What are the best criteria to use to evaluate cloud service providers?
Many cloud providers are tight-lipped about internal security control details. Learn how to evaluate cloud security providers with certifications and... Continue Reading