Malvertising | SC Media

Malvertising

Stegoware-3PC marks new high in adware sophistication

A new steganography campaign targeting iOS devices exploits demand-side adtech providers and adtech vendors to serve malware to millions of consumers. The Media Trust Digital Security and Operations team has detected that at least five publishers, three demand-side vendors, and 11 other adtech vendors have been used to spread the malware Stegoware-3PC residing in PNG files…

Malvertising scheme abuses Yandex.Direct, targets Russian accountants with assorted malware

Cybercriminals are abusing the Yandex.Direct online advertising service in order to serve up malicious ads that target Russian accountants with the goal of infecting them with banking trojans and ransomware. Researchers from ESET have so far linked six malware programs to this campaign, which began in October and continues to this day. During periods of…

High-volume eGobbler malvertising campaign exploits zero-day Chrome bug

A malicious actor has been leveraging a Google Chrome browser exploit to deliver malvertisements to iOS users, including a campaign earlier this month during which 500 million user sessions were exposed to a session hijacking attack. Dubbed eGobbler by researchers at Confiant, the threat actor from April 6-10 ran a massive operation consisting of eight…

Malspam campaign leverages Boeing 737 Max tragedy

Threat actors are once again leveraging tragedy, this time sending spam messages concerning the recent Boeing 737 MAX crash which took place last week. The campaign was discovered by 360 Threat Intelligence Center researchers who posted about the malicious campaign on Twitter. Cybercriminals posing as a “private intelligent analyst” are sending spam loaded with malware…

Malvertising attacks using polyglot images spotted in the wild

The malvertising space may be seeing an influx of more advanced threat actors according one research report that found polyglot images now being used to disguise malvertising attacks. Polyglot images, which differ from their near cousins steganographic images primarily by not needing an external script to extract the payload, have been spotted in the wild,…

GooglePlay

Beauty camera apps malware not so pretty

Some beauty camera app users may end up seeing a bit more than they were hoping for as some of these are pushing unwanted ads and even pornographic material while others may steal your photos. Trend Micro researchers found several of these apps, identified as AndroidOS_BadCamera.HRX, available. The number of downloads from Google Play range…

Arrest

FBI swats down massive, botnet-fueled ad fraud operation

With a heavy assist from private-sector cybersecurity and tech organizations, the FBI has dismantled a highly complex fraud network responsible for generating billions upon billions of fake online ad placements. In conjunction with the takedown, the U.S. Department of Justice yesterday announced a 13-count indictment filed against eight individuals, each a resident of either Russia,…

Next post in Security News