Security researchers at Malwarebytes who have been hot on the trail of the actors that pulled off a recent malvertising attack on Yahoo have observed a similar campaign launched by the same group against publishing network AdSpirit.de used by drudgereport.com, findagrave.com and others.
“Both URLs are using HTTPS encryption, making it harder to detect the malicious traffic at the network layer,” he wrote.
The Yahoo campaign ultimately led victims to the Angler Exploit Kit (EK). At the time, Malwarebytes noted the EK often leads to Bedep ad fraud and CryptoWallransomware. The company alerted AdSpirit to the latest campaign and while it received no immediate response, “the rogue advert was taken down,” according to the post.