‘LuckyBoy’ Malvertising Campaign Hits iOS, Android, XBox Users
A new campaign is targeting mobile and other connected device users through utilizing cloaking and obfuscation techniques to evade detection. The malvertising campaign has been named LuckyBoy and consists of a multi-stage, tag-based approach and attack method. Andriod, Xbox, and iOS users are being targeted in the attacks. According to cybersecurity researchers, the campaign began in December of 2020 and has since penetrated 10 Demand Side Platforms, most of them Europe-based.
However, there have been campaigns impacting users in the US and Canada as well. The campaign allegedly uses a malware variant that allows attackers to detect whether active debuggers, testing environments, or blockers are in place on the targeted device. If so, the malware will not execute. LuckyBoy was found by researchers operating on a schedule and in bursts, with small campaigns launched on Thursday nights and continuing throughout the weekend.