Number of Malvertising attacks are appeared to be increasing day by day, even top websites fall victim to such kind of attacks - YouTube is to be the latest popular organization affected by malicious ads.
Security experts from Bromium have discovered that the cyber criminals were distributing a malware via YouTube ads.
According to researchers, malicious ads attempt to exploit vulnerabilities in outdated Java. It loads different malicious jar file, to ensure the exploit is compatible with the installed java version.
The Exploit kit used in this attack "Styx Exploit Kit" which was the same one used by cybercriminals to infect users of toy maker Hasbro.com.
If the user's machine is having vulnerable plugins, it will exploit the vulnerability and drops a Banking Trojan known as "Caphaw". Researchers say they are working with Google Security team.