Security experts have warned of a major malware network known as 'Shnakule' that uses a combination of fake advertising banners and bogus security alerts to infect computers.
Researchers at Blue Coat said that the malware spreads through code embedded in advertising banners that redirect to a third-party site which attempts to launch a fake anti-virus attack.
The pages generate a pop-up window designed to resemble a Microsoft security alert. Victims are warned that their systems are infected and instructed to download and install a 'fix' which is, of course, the malicious software.
Chris Larsen, a senior malware researcher at Blue Coat, told V3 that poisoned advertising attacks and rogue security alerts are very common, but that the combination of the two in a single attack is rare.
Larsen explained that malware writers often use embedded attacks to launch browser exploits and other 'drive by' malware download methods.
"The idea has been around for years because it works," he said. "Malvertising is a great way for the bad guys to reach lots of people."
Further complicating matters is the polymorphic nature of the malware. The payload is constantly changing its code, making it difficult for conventional security tools to detect.
In this case, Larsen believes that the criminals running the operating have set up a series of specialised servers which are being passed off to a larger advertising network as a series of legitimate advertising servers.
However, Larsen said that the hueristics tools used by many security packages should be able to detect this suspicious behaviour.
Computer users are advised to be wary of pop-up windows claiming to be a security warning, particularly those that appear while browsing the web.
"If you are ever on the internet and the browser pops up full screen telling you it has a virus, it is fake," Larsen said. "Anything within your browser window is suspect."
14nm Cavium ThunderX2 CPUs deployed in HPE Apollo 70 supercomputer for US National Nuclear Security Administration
MWR's Countercept platform and phishd technologies key to F-Secure acquisition
Brexit labour shortages will lead to higher adoption of robotics
Newbies will be thrown in with the big boys on Sanhok as Kar98 fodder