Widespread malvertising campaign VASTFLUX, which involved the impersonation of more than 1,700 apps and impacted nearly 11 million devices, has been taken down by fraud prevention company HUMAN, The Hacker News reports.
"It doesn't stop with the stacked ads, though. For as many of those as might be rendering on a user's device at once, they keep loading new ads until the ad slot with the malicious ad code is closed," said HUMAN, which also emphasized the operation's digital advertising ecosystem know-how.
VASTFLUX was disrupted three months following the takedown of fraud operation Scylla.
Malicious updates have been recently issued to the Python Package Index package "django-log-tracker," which was last modified in April 2022, to facilitate the distribution of the Nova Sentinel information-stealing malware, The Hacker News reports.