DNS takeover redirects thousands of websites to malware

Starting on Mon, 5 august 2013, 06:57:30 Fox-IT's monitoring service detected a redirect occurring initially on conrad.nl but later on many other websites. The way the site was compromised means thousands of websites are redirecting, in total 3 web hosters seem to have been affected by the DNS server compromise: Digitalus VDX Webstekker All sites … Continue reading DNS takeover redirects thousands of websites to malware

Analysis of malicious advertisements on telegraaf.nl

Starting on Wed, 31 July 2013, 18:54:50 Fox-IT's monitoring system detected a redirect occurring on telegraaf.nl. It was another case of advertisement provider abuse. One of the advertisement providers loaded ads from an outside resource which returned an exploit kit named "FlimKit" exploit kit. After first being removed from telegraaf.nl a second exploit kit redirect … Continue reading Analysis of malicious advertisements on telegraaf.nl