malvertising

Pierluigi Paganini December 04, 2023
Malvertising attacks rely on DanaBot Trojan to spread CACTUS Ransomware

Microsoft warns of ongoing malvertising attacks using the DanaBot malware to deploy the CACTUS ransomware. Microsoft uncovered ongoing malvertising attacks using the DanaBot Trojan (Storm-1044) to deploy the CACTUS ransomware. Microsoft the campaign to the ransomware operator Storm-0216 (Twisted Spider, UNC2198). Storm-0216 has historically used Qakbot malware for initial access, but has switched to other […]

Pierluigi Paganini September 07, 2023
A malvertising campaign is delivering a new version of the macOS Atomic Stealer

Researchers spotted a new malvertising campaign targeting Mac users with a new version of the macOS stealer Atomic Stealer. Malwarebytes researchers have observed a new malvertising campaign distributing an updated version of the popular Atomic Stealer (AMOS) for Mac. The Atomic Stealer first appeared in the threat landscape in April 2023. In April Cyble Research […]

Pierluigi Paganini October 25, 2022
Dormant Colors campaign operates over 1M malicious Chrome extensions

A new malvertising campaign, code-named Dormant Colors, is delivering malicious Google Chrome extensions that hijack targets’ browsers. Researchers at Guardio Labs have discovered a new malvertising campaign, called Dormant Colors, aimed at delivering malicious Google Chrome extensions. The Chrome extensions hijack searches and insert affiliate links into web pages. The experts called the campaign Dormant […]

Pierluigi Paganini December 06, 2021
Magnat malvertising campaigns spreads malicious Chrome extensions, backdoors and info stealers

Experts spotted a series of malvertising campaigns using fake installers of popular apps and games to deliver a backdoor and a malicious Chrome extension. Talos researchers spotted a series of malvertising campaigns using fake installers of popular apps and games as a lure to trick users into downloading a new backdoor and an undocumented malicious […]

Pierluigi Paganini February 17, 2021
ScamClub malvertising gang abused WebKit zero-day to redirect to online gift card scams

Malvertising gang ScamClub has exploited an unpatched zero-day vulnerability in WebKit-based browsers in a campaign aimed at realizing online gift card scams. The Malvertising gang ScamClub has abused an unpatched zero-day vulnerability in WebKit-based browsers to bypass security measures and redirect users from legitimate sites to websites hosting online gift card scams. The malvertising campaign […]

Pierluigi Paganini September 12, 2020
Malàsmoke gang could infect your PC while you watch porn sites

A cybercrime group named Malàsmoke has been targeting porn sites over the past months with malicious ads redirecting users to exploit kits. A cybercrime group named Malàsmoke has been targeting porn sites over the past months, it is placing malicious ads on adult-themed websites to redirect users to exploit kits and deliver malware. According to […]

Pierluigi Paganini July 07, 2020
Authors of Purple Fox EK adds 2 Microsoft exploits

The authors of the Purple Fox EK have integrated two new exploits for Microsoft vulnerabilities to the Purple Fox EK. The Purple Fox EK continues to be improved by its authors that implemented two new exploits for Microsoft critical- and high-severity Microsoft vulnerabilities. The Purple Fox EK appears to have been built to replace the […]

Pierluigi Paganini December 14, 2019
A malvertising campaign targets iPhone users with Krampus-3PC

A malvertising campaign that involved more than 100 publisher websites targeted iPhone users to deliver the Smart Krampus-3PC Malware. According to The Media Trust’s Digital Security & Operations (DSO) team, iPhone users have been targeted by a malvertising campaign that has impacted more than 100 publisher websites, including online newspapers and international weekly news magazines. […]

Pierluigi Paganini September 30, 2019
eGobbler ‘s malvertising campaign hijacked over 1 billion ad impressions

A recently observed a malvertising campaign carried out by a threat group dubbed eGobbler that hijacked roughly 1.16 billion ad impressions. Researchers at Confiant observed a malvertising campaign carried out by a threat actor dubbed eGobbler hijacked roughly 1.16 billion ad impressions to redirect victims to websites hosting malicious payloads. The campaign was observed between August 1 […]

Pierluigi Paganini April 17, 2019
eGobbler hackers used Chrome bug to deliver 500Million+ ads to iOS users

Threat Group Exploits Chrome Bug to Serve Malicious Ads to iOS Users Threat actors tracked as eGobbler developed a new exploit that is allowing them to serve more than 500 million malicious ads to iOS users. The group tracked as eGobbler is exploiting a security flaw in the Google Chrome browser to target millions of […]