‘Kyle and Stan’ Malvertising Hits Amazon, Yahoo, YouTube

September 10, 2014


Amazon, Yahoo, YouTube and 71 other Web domains have fallen victim to the Kyle and Stan malvertising network, which spreads adware and other potentially unwanted programs by preying on user trust of otherwise-honest sites. Shaun Hurley, David McDaniel and Armin Pelkmann, three security researchers for Cisco, wrote up their findings about the malware in a Cisco company blog post. The Kyle and Stan malware (the names of two characters in the long-running Comedy Central show South Park show up in the domain names of more than 700 sites the network uses to serve ads) first determines whether youre on a Windows system or on a Mac, then silently redirects your browser to a site that serves up executable files for your operating system of choice.