Duo Security released an analysis on Thursday claiming that over 500 malicious Chrome extensions were secretly collecting browser data and redirecting users to websites containing malware. Researchers at Duo Security stated that the extensions have since been removed from Google’s Chrome Web Store, but that they were previously downloaded millions
A new report by RiskIQ provides and in-depth look at the evolving Magecart threat. Magecart is an umbrella term for various criminal groups that attack websites with the aim of injecting them with “skimming” malware designed to steal the payment card information of visitors. The average Magecart breach lasts 22
Since Thanksgiving of last year, a sophisticated cybercrime group called eGobbler has been taking advantage of two browser vulnerabilities in order to display malicious ads on legitimate websites, researchers with Confiant warn. Between August 1 and September 23 of this year, eGobbler campaigns accounted for a whopping 1.16 billion ad
Researchers with Confiant have identified a Hong Kong based advertising firm as the culprit behind a massive malvertising campaign that has already displayed over 100 million adds, including tech support scams, phishing pages and other scams in Windows 10 apps and Microsoft games this year. The activity of the malvertising
A malvertising campaign launched last week takes advantage of an unpatched software vulnerability in the iOS version of Google Chrome, putting about half a billion users at risk. The threat actor behind the attack has been identified as the eGobbler gang, a cybercriminal group known for launching malvertising campaigns around
In a disturbing two-stage malvertising attack campaign that highlights the increasingly complex nature of cyber attacks, the threat actors behind the infamous GandCrab ransomware have added Vidar, an information-stealing Trojan to their arsenal. In the first stage of the attack, the Fallout Exploit Kit is used to distribute Vidar. After
A “Malvertising” campaign has used legitimate online advertising supply chains to distribute malicious adverts around the world. Because the return from clicks on malicious ads is so instantaneous, the posters are willing and able to outbid legitimate advertisements. “The ads often contain malicious code that exploits unpatched vulnerabilities in browsers
I’ve been in evil genius mode with Lou a few times on this. The advertising networks provide a tremendous amount of granularity that can be used for very focused attacks. For network defenders, they can also be very useful for attribution operations as well.