Site   Web

September 29, 2015

Hackers Tap Into Ad Networks For DDoS

Appears Recent Attack Launched From China

Image courtesy of (chanpipat)/

In the best scenario an advertisement can be annoying, but hackers have discovered a way to make them even worse.

Layout 1It’s not just a pop-up that’s now able to get under someone’s skin, it’s advertisements that can deliver a distributed denial-of-service. In fact, these attacks are becoming a more popular as hackers have discovered a way to use ad networks to deliver the crippling message.

A blogpost on Cloudfare detailed how a recent attack was caught by a site reliability engineer. That engineer, Marek Majkowski wrote in the post, noticed “a large number of HTTP requests being issued against one of our customers.”

Investigation revealed what was taking place was a malicious JavaScript being sent from somewhere in China.

“There is no way to know for sure why so many mobile devices visited the attack page, but the most plausible distribution vector seems to be an ad network. It seems probable that users were served advertisements containing the malicious JavaScript,” the post explained. “This ads were likely showed in iframes in mobile apps, or mobile browsers to people casually browsing the internet.”

As Computer World reported, the interesting — and disturbing — thing about the attack is it appears to have come from real browsers rather than malware.

It’s not necessarily a new concept as such an attack has been hypothesized by experts but this recent attack marks the first time it’s been seen and documented. Research also showed more than 80 percent of the generated traffic was coming from mobile devices such as tablets and smartphones, another unusual trait.


W. Brice McVicar is a staff writer for SiteProNews.