Malvertising News, Articles and Updates

RIG EK campaign delivers researcher-phobic backdoor trojan Grobios

The RIG exploit kit has been causing trouble again, this time delivering a backdoor trojan called Grobios, which takes great pains to avoid detection and evade virtual and sandbox environments.

Cybercrime losses exceed $1.4B in 2017

Two of the top three crimes, non-payment/non-delivery, and personal data breaches were also in the top spot in 2016 while phishing beat out 419/overpayment scams which dropped to fourth place in 2017, affecting only 23,135 victims compared to the 25,716 victims in 2016.

Trojanized CMS plug-ins infect thousands of websites in tech support scam campaign

A recently uncovered tech support scam campaign has compromised thousands of websites with malicious ad injections that redirect users to a browser locker page that claims their computers are infected.

Fake Teleg'e'ram app looks to take advantage of Russia banning Telegram

An imitation of the popular Telegram app made its rounds on Google Play as Russian government ordered the immediate blocking of messaging app.

Fake updates pushing Chtonic, NetSupport RAT through Joomla and WordPress sites

Malwarebytes has closely examined a relatively new fake update scam that uses a combination of legitimate websites, a real cloud storage site and excellent social engineering to pass along either a banking Trojan and remote access tool to its victims.

Cryptocurrency mining malware usage continues climbing

It should come as no surprise to anyone in the cybersecurity industry that cryptocurrency mining is increasing at an incredible rate, but the rate of increase might come as a surprise.

Malicious Android adware apps downloaded 500,000

Malicious actors managed to foil Google's Play Protect app vetting process and place numerous malicious apps into the store Sophos Labs by having them lay doggo before finally activating and bombarding the victim with unwanted ads.

Latvian man pleads guilty to role in malvertising-based scareware scheme

A Latvian national who at one point was the fifth most wanted cybercriminal in the U.S. pleaded guilty this week in federal court to supporting a scareware scheme targeting users of the Minneapolis Star Tribune's website.

Cybercriminals exploiting traditional trust measures for compromises, study

Cybercriminals are exploiting traditional measures of trust to gain a foothold on users systems by compromising trusted sites.

Google's DoubleClick network exploited to serve cryptominers

A malvertising campaign was observed exploiting Google's DoubleClick network to deliver silent cryptominers on high-traffic sites.

Twitter spam app plaguing accounts

Cybercrimals attempting to take advantage of Twitter users curiosity over who visits their page are using a new form of bait that advertises the ability to track such visits.

Malvertising 'conglomerate' created 28 fake ad agencies to abuse legit platforms

A massive malvertising operation bought an estimated 1 billion ad views in 2017 under the guise of 28 different fake ad agencies, in what a new report is calling the largest operation of its kind last year.

Teligram? Fake Telegram app contains malvertising

A phony and malicious application imitating the Telegram app made its way into the Google Play Store posing as a newer updated version of the popular messaging app.

Cryptominer malwares in RIG EK spread via malvertising

Malwarebytes researcher Jerome Segura analyzed a RIG exploit campaign distributing malware coin miners.

Prilex and Cutlet Maker ATM malwares uniquely target users

Trend Micro researchers spotted two ATM malware families which raise concern of what's to come.

Terror EK spotted using SSL certificates to beat security

Cybercriminals using the Terror exploit kit have recently starting using SSL certificates to help sneak the EK and its malware passed cybersecurity staffers.

Star Wars Sith Droid botnets hijack send-to-a-friend modules to send spam

Forces of the dark side are hijacking send-to-a-friend (a.k.a. share-with-a-friend) social sharing modules to send random Star Wars quotes and malicious links.

RIG EK used to spread Matrix ransomware via malvertising

Matrix ransomware is now being distributed via the RIG exploit kit on various sites displaying malvertising.

Pornhub users hijacked by malvertising campaign malware infections

Kovter Group malvertising campaign put millions at risk of ad fraud malware infections. Fake browser updates hoodwink users into installing malware.

Taboola content platform served malvertising on MSN.com

Native ad and content provider Taboola is being abused by tech support scammers to serve malvertising.

Shadow Brokers Eternal Exploits expected to remain effective

Even with increased awareness and the availability of patches, the vulnerabilities are unlikely to disappear soon, researchers said.

Chinese authorities arrest 11 in Fireball malware sting

Beijing officials arrested 11 individuals linked to the Fireball malware after receiving a tip from someone operating under the pseudonym "Zhang Ming."

ProMediads now using Sundown-Pirate EK to spread a variety of malware

A year-old malvertising campaign has helped researchers uncover a new exploit kit (EK) called Sundown-Pirate that is being used to deliver a plethora of malware types.

Latest CryptoMix ransomware adds .Exte extension to files

A new variant CryptoMix ransomware is appending the .EXTE extension to the names of the folders it captures.

Stolen DMA Locker variant exploits Remote Desktop

Malwarebytes researchers spot a stolen version of the DMA Locker ransomware exploiting users via weakly protected Remote Desktop.

U.S. Postal Service-themed spam delivers three banking trojans

Malwarebytes researchers spotted an uptick in United States Postal Service (USPS) themed malspam delivering one of three banking trojans.