A malvertising campaign launched last week takes advantage of an unpatched software vulnerability in the iOS version of Google Chrome, putting about half a billion users at risk. The threat actor behind the attack has been identified as the eGobbler gang, a cybercriminal group known for launching malvertising campaigns around
In a disturbing two-stage malvertising attack campaign that highlights the increasingly complex nature of cyber attacks, the threat actors behind the infamous GandCrab ransomware have added Vidar, an information-stealing Trojan to their arsenal. In the first stage of the attack, the Fallout Exploit Kit is used to distribute Vidar. After
A “Malvertising” campaign has used legitimate online advertising supply chains to distribute malicious adverts around the world. Because the return from clicks on malicious ads is so instantaneous, the posters are willing and able to outbid legitimate advertisements. “The ads often contain malicious code that exploits unpatched vulnerabilities in browsers
I’ve been in evil genius mode with Lou a few times on this. The advertising networks provide a tremendous amount of granularity that can be used for very focused attacks. For network defenders, they can also be very useful for attribution operations as well.