中英文模式阅读
中文模式阅读
英文模式阅读

A company focused on cybersecurity for the media industry
一家专注于媒体行业网络安全的公司says it has discovered that hackers are now using a technique designed to hide malicious code to commit digital ad fraud.
黑客现在正在使用一种旨在隐藏恶意代码以实现数字广告欺诈的技术。

Officials at Devcon told The Hill on Sunday they uncovered the use of the technique --- known as a polyglot --- on Friday. They said that the use of polyglots, which are considered to be among the more technically advanced techniques available for cyber criminals, points to more hackers committing digital ad fraud.
Devcon的官员周日告诉The Hill他们在周五发现了这种技术的使用 - 被称为多种语言。他们表示,使用polyglots,被认为是网络罪犯可用的技术更先进的技术之一,指向更多的黑客犯下数字广告欺诈。

In a polyglot, users can hide malware within the code for an existing file, like an image. In a successful attack using the tool, a web browser will only load the code for what appears to be its intended purpose, allowing the malicious code to remain hidden while it carries out the attack.
在多语言中,用户可以在代码中隐藏现有文件(如图像)中的恶意软件。在使用该工具的成功攻击中,Web浏览器将仅加载用于其预期目的的代码,从而允许恶意代码在执行攻击时保持隐藏。

For example, the hackers can manipulate the code to make it appear as if it is only an image. But when a web browser uploads the image, it is also including the malware --- a JavaScript code in this case uncovered by Devcon --- which can then carry out an attack. The use of the polyglot "suggests that a lot of mainstream hackers are now getting into the ad fraud space," Maggie Louie, the founder and CEO of Devcon, told The Hill.
例如,黑客可以操纵代码使其看起来好像只是一个图像。但是当Web浏览器上传图像时,它还包括恶意软件---在这种情况下由Devcon发现的JavaScript代码 - 然后可以执行攻击。使用多语言"表明许多主流黑客现在正在进入广告欺诈领域,"Devcon创始人兼首席执行官Maggie Louie告诉The Hill。

In the polyglot uncovered by Devcon, the researchers found that the exploit was hidden in photos in digital ads.
在Devcon发现的多语言中,研究人员发现该漏洞被隐藏在数字广告中的照片中。

Some of the images found by the firm and shared with The Hill include ones for a service labeled "MyFlightSearch" offering discounted flights for spring break, and for a company labeled "JobsImpact" that said it was hiring and encouraged users to click on the ad to "learn more."
该公司发现并与The Hill共享的一些图片包括标有"MyFlightSearch"的服务,提供春假的折扣航班,以及标有"JobsImpact"的公司表示正在招聘并鼓励用户点击广告了解更多。"

After the image appears, users can then be redirected to a pop-up offering a scam like a $1,000 gift card to Walmart.
在图像出现后,用户可以被重定向到弹出窗口,向沃尔玛提供类似1000美元礼品卡的骗局。

"This all happens automatically without user interaction," Josh Summitt, the chief technology officer at Devcon, told The Hill. "So the user doesn't have to click an ad or anything like that for this to happen, it will just redirect them out of the site."
"这一切都是在没有用户互动的情况下自动发生的,"Devcon的首席技术官Josh Summitt告诉The Hill。 "因此,用户无需点击广告或类似内容就可以实现此目的,只会将其重定向到网站之外。"

"Most users, it annoys them," he added. "Some users actually click on these things and give up their data."
"大多数用户都会惹恼他们,"他补充道。 "有些用户实际点击这些东西并放弃他们的数据。"

Summitt and Louie said that once the pop-up appears, other attacks can be carried out, from cryptomining to the installation of a remote access trojan, which effectively gives the hacker access to the user's device and opens the door to future cyberattacks.
Summitt和Louie表示,一旦出现弹出窗口,就可以进行其他攻击,从加密到安装远程访问木马,这有效地让黑客访问用户的设备,并为未来的网络攻击打开了大门。

This isn't the first time that malicious code has been hidden within images to commit ad fraud: In another exploit, known as steganography, pixels for an image will be replaced with code, causing the picture to look degraded.
这不是第一次将隐藏在图像中的恶意代码隐藏在广告欺诈中:在另一种利用中,称为隐写术,图像的像素将被代码替换,导致图片看起来降级。

But in a polyglot, Summitt said, the code is for both an image and the malware, which can hide the inclusion of the malicious code.
但是在多语言中,Summitt说,代码既适用于图像,也适用于恶意软件,可以隐藏恶意代码。

Louie said that since Devcon discovered the polyglot's use in digital ad fraud, the company's software has blocked it thousands of times on their clients' sites, which include online publishers and ad networks.
路易说,自从Devcon发现多语言在数字广告欺诈中的使用以来,该公司的软件已经在其客户的网站上封锁了数千次,其中包括在线发布商和广告网络。

Louie and Summitt said that the widespread use of the polyglot could mean that someone has made it easily available for hackers by including it in a toolkit that they can copy and paste from.
Louie和Summitt表示,多语言的广泛使用可能意味着有人通过将其包含在可以复制和粘贴的工具包中,使黑客很容易获得它。

"It is an emerging attack," Louie said. "I would say for anybody in the cyber world who is working with anybody that is in the advertising world, it's really important to be aware that this is trending. We're seeing it peak throughout our publisher network now."
"这是一种新兴的攻击,"路易说。 "对于网络世界中任何与广告界人士合作的人,我都会说,了解这是一个趋势非常重要。我们现在看到它在我们的发布商网络中达到顶峰。"

中英文模式阅读
中文模式阅读
英文模式阅读

查看英文原文

查看更多文章

公众号:银河系1号
公众号:银河系1号

联系邮箱:public@space-explore.com
联系邮箱:public@space-explore.com

(未经同意,请勿转载)
(未经同意,请勿转载)