Microsoft Warns of Malvertising Scheme Spreading CACTUS Ransomware

Microsoft has warned of a new wave of CACTUS ransomware attacks that leverage malvertising lures to deploy DanaBot as an initial access vector. The DanaBot infections led to “hands-on-keyboard activity by ransomware operator Storm-0216 (Twisted Spider, UNC2198), culminating in the deployment of CACTUS ransomware,” the Microsoft Threat Intelligence team said in a series of posts […]

Malvertising Campaign Targets Brazil’s PIX Payment System with GoPIX Malware

The popularity of Brazil’s PIX instant payment system has made it a lucrative target for threat actors looking to generate illicit profits using a new malware called GoPIX. Kaspersky, which has been tracking the active campaign since December 2022, said the attacks are pulled off using malicious ads that are served when potential victims search […]

Vietnamese Cybercriminals Targeting Facebook Business Accounts with Malvertising

Malicious actors associated with the Vietnamese cybercrime ecosystem are leveraging advertising-as-a-vector on social media platforms such as Meta-owned Facebook to distribute malware. “Threat actors have long used fraudulent ads as a vector to target victims with scams, malvertising, and more,” WithSecure researcher Mohammad Kazem Hassan Nejad said. “And with businesses now leveraging the reach of […]

BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising

Threat actors associated with the BlackCat ransomware have been observed employing malvertising tricks to distribute rogue installers of the WinSCP file transfer application. “Malicious actors used malvertising to distribute a piece of malware via cloned webpages of legitimate organizations,” Trend Micro researchers said in an analysis published last week. “In this case, the distribution involved […]

FormBook Malware Spreads via Malvertising Using MalVirt Loader to Evade Detection

An ongoing malvertising campaign is being used to distribute virtualized .NET loaders that are designed to deploy the FormBook information-stealing malware. “The loaders, dubbed MalVirt, use obfuscated virtualization for anti-analysis and evasion along with the Windows Process Explorer driver for terminating processes,” SentinelOne researchers Aleksandar Milenkoski and Tom Hegel said in a technical write-up. The […]

Malvertising attack distributes malicious Chrome extensions, backdoors

Researchers believe that the campaign has been active since 2018, and since then, the malware has been under development constantly. Cisco Talos researchers have identified malvertising campaigns using fake installers of popular games and applications, such as WeChat, Viber, Battlefield, and NoxPlayer, to lure users into downloading an undocumented, malicious Google Chrome extension and a […]

New Malvertising Campaigns Spreading Backdoors, Malicious Chrome Extensions

A series of malicious campaigns have been leveraging fake installers of popular apps and games such as Viber, WeChat, NoxPlayer, and Battlefield as a lure to trick users into downloading a new backdoor and an undocumented malicious Google Chrome extension with the goal of stealing credentials and data stored in the compromised systems as well […]

Hackers Attack AnyDesk Using Malvertising Campaign With Evasion Technique

AnyDesk is one of the best-known remote desktop applications, and CrowdStrike cybersecurity researchers have recently detected a whole malware network continuously targeting AnyDesk. According to the experts, this malware delivers a weaponized installer of a very well-known software utility. The most interesting fact about this malware is […]

Malvertising Campaign On Google Distributed Trojanized AnyDesk Installer

Cybersecurity researchers on Wednesday publicized the disruption of a “clever” malvertising network targeting AnyDesk that delivered a weaponized installer of the remote desktop software via rogue Google ads that appeared in the search engine results pages. The campaign, which is believed to have begun as early as April 21, 2021, involves a malicious file that […]

Malvertising campaign affects users of Safari and Chrome browsers

A malvertising campaign operator group known as ScamClub has long exploited an unpatched zero-day vulnerability in some WebKit-based web browsers in order to bypass security mechanisms and redirect unsuspecting users to malicious websites hosting gift card scams. The term malvertising refers to injecting malware into online advertising in order to deploy subsequent attacks. Threat actors […]

New malvertising group targets users of iOS, Android and Xbox. LuckyBoy malware

Cybersecurity experts reported the detection of a sophisticated malvertising campaign. Dubbed “LuckyBoy”, the operators rely on strong obfuscation and cloaking to avoid detection by security solutions in iOS, Android and even Xbox systems. First detected in December 2020, this campaign is constantly growing in the U.S. and abroad. As per a report by security firm […]

Bitcoin Rewards As Lures? Tale Of The New Generation Malvertising

Remember the malvertising campaigns of the early days, with adverts telling you that you are the nth visitor and have a prize to claim for being the coveted nth visitor on a website? Of course these days the chance of seeing a Flash-based animated advert like that, since Google Chrome itself autoblocks scam-like adverts by […]

Massive Malvertising in Chrome iOS Variant, Caused By eGobbler Group

The notorious eGobbler group has set its sights on the iOS version of the Chrome browser, using the platform for malvertising. Also known as malicious advertising, malvertising is a deceptive practice in which a group publishes an advert on a website, but instead of directing the user to the publisher of the advert, […]

eGobbler Malvertising Campaign Lets Hackers Hijack 500 Million iOS User Sessions Using Chrome Bug

Researchers discovered a recent malvertising campaign from the eGobbler threat actor that targets millions of iOS users to hijack their sessions by leveraging a Chrome vulnerability. Attackers trick the targeted iOS users into being redirected to a malicious landing page, and this campaign can be recognized easily by their use of the “.world” Session hijacking, sometimes also known as […]

Hackers using steganography to Drop the Powload Malware & Hide Their Malvertising Traffic

Cybercriminals are now using steganography as a novel way to spread Powload malware and infect targeted systems. Powload campaigns have been active since 2018, using fileless techniques and hijacked email accounts to deliver information-stealing malware such as Emotet and Ursnif. But the recent attacks employed steganography techniques in which attackers […]

New malvertising campaign attacks Apple device users

A well-known hacker group is behind this malicious campaign. Network security and ethical hacking specialists from the International Institute of Cyber Security warn about a new malvertising campaign against Apple device users. According to the cybersecurity expert Eliya Stein, the group behind this campaign, called VeryMal, has deployed several campaigns since the middle of last […]

New Malvertising Chain that Steals Confidential Information and Encrypts With GandCrab Ransomware

A new malvertising chain uses multiple payloads to steal confidential information from the victim’s machine and to encrypt their files with GandCrab ransomware. Threat actors are using the Fallout exploit kit, a utility program designed to exploit vulnerabilities in ports and software and to deploy backdoors in vulnerable systems. Malwarebytes security researchers observed a threat […]

Do you know what Malvertising is?

Malvertising is a method in which an attacker targets online ads to steal users’ credentials, ethical hacking experts demonstrate. These days online advertising is the main source of income. Most popular search engines earn their income from online advertising. So online advertising provides a solid platform for spreading viruses and malware, and even ransomware attacks can […]

EKFiddle v.0.8.2 – A Framework Based On The Fiddler Web Debugger To Study Exploit Kits, Malvertising And Malicious Traffic In General

A framework based on the Fiddler web debugger to study Exploit Kits, malvertising and malicious traffic in general. Installation: Download and install the latest version of Fiddler: https://www.telerik.com/fiddler Special instructions for Linux and Mac here: https://www.telerik.com/blogs/fiddler-for-linux-beta-is-here https://www.telerik.com/blogs/introducing-fiddler-for-os-x-beta-1 Enable C# scripting (Windows only): Launch Fiddler, and go to Tools -> Options. In the Scripting tab, change the default (JScript.NET) […]