On April 10, the Fox-IT Security Operations Center (SOC) started to see an increase of exploit kit related incidents. An ad distributed by a large advertisement platform redirected visitors to the Angler Exploit Kit that tried to install malware on the computers of visitors. At least 288 Dutch sites are affected by this malicious advertisements.
This malvertising campaign is one of the largest in recent times, according to Yonathan Klijnsma, researcher at Fox-IT. Evidence of this is the list of affected websites which includes websites such as Nu.nl, RTL Nieuws, RTL Z, Buienradar Marketplace and iCulture.
The advertisement platform investigated the incident. Fox-IT has announced that they have not seen customers that were infected.