Cyber Criminals Are Hacking Ad Servers, Luring Victims to Malware-Infected Sites

Cyber Criminals Are Hacking Ad Servers, Luring Victims to Malware-Infected Sites
фото показано с : beincrypto.com

2020-4-26 00:15

Hackers have continued to attract attention in these times, as they appear to have deployed new strategies to conduct their nefarious activities.

Cybersecurity firm Confiant has exposed the operation of a mysterious hacker group that breaks into ad servers with the sole intent of running malicious ads straight from the networks.

A New Direct Hacking Method

The hacker group found a flaw in old Revive ad servers that allows them to break into networks running on the server, Confiant reports. Once they gain access, they attach malicious code to existing ads and watch the ads roll out. Revive is an open-source ad serving system that has been in operation for well over a decade.

As soon as an infected ad gets onto legitimate sites, the code immediately redirects the site’s visitors to websites loaded with malware-infected files. These files are usually disguised as Adobe Flash Player updates.

Confiant said it noticed the trend last August, and the number of occurrences has only increased since then. The hacker group — which Confiant named Tar Barnakle — has infected at least 60 old Revive servers. Tag Barnakle has loaded its malicious ads on thousands of sites.

Confiant researcher Eliya Stein noted,

“If we take a look at the volumes behind just one of the compromised RTB ad servers — we see spikes of up to 1.25 [million] affected ad impressions in a single day.”

Confiant also points out that Tar Barnakle’s operating format presents a bit of a break from the norm. Most malvertising companies create fake entities and purchase ads on legitimate sites, thus changing the ads’ codes in the future. These companies also sometimes have help from shady ad networks that have enabled them in the past. However, Tar Barnakle is choosing to attack the ad servers directly.

Phishing and Malware Attacks Continue to Run Rampant

The report is coming in the wave of new fears over the propagation of scams and cyberattacks across the United States and several other developed countries. In the wake of the coronavirus, cyber attackers have been on the prowl and have escalated the scale of their attacks significantly.

Currently, phishing and malware attacks appear to be the most prominent methods used by these coronavirus hackers.

Earlier this week, the Microsoft Security Intelligence team issued a warning to users to be mindful of a new “Trickbot” malware that’s been taking advantage of the pandemic.

According to the researchers, hackers are now posing as the “USA Volunteer Organization” and the “USA Humanitarian Group” and are sending out phishing emails disguised as coronavirus testing information. Each email comes with an attachment that seeks to unleash the Trickbot malware on the victim’s computer. The researchers also warned that several phishing campaigns have been using the remote working theme to encourage victims to share their personal and financial information.

The post Cyber Criminals Are Hacking Ad Servers, Luring Victims to Malware-Infected Sites appeared first on BeInCrypto.

Similar to Notcoin - Blum - Airdrops In 2024

origin »

Content and AD Network (CAN) на Currencies.ru

$ 0 (+0.00%)
Объем 24H $0
Изменеия 24h: 0.00 %, 7d: 0.00 %
Cегодня L: $0 - H: $0
Капитализация $0 Rank 99999
Цена в час новости $ 0.0003617 (-100%)

servers group hacker mysterious operation exposed cybersecurity

servers group → Результатов: 16


Фото:

Cryptocurrency mining malware has become self-aware (kinda)

A common form of cryptocurrency mining malware has evolved and is now able to switch off security services to continue mining without being detected. Security researchers at Palo Alto Networks’ Unit 42 discovered that the malware used by cryptojacking group “Rocke” is able to gain administrative privileges to Linux-based cloud servers and uninstall vital security programs.

2019-1-17 18:18


Фото:

The Genesis Files: With Bit Gold, Szabo Was Inches Away From Inventing Bitcoin

As his Hungarian parents had fled post-war Soviet regime to settle in the United States, Nick Szabo came to call the Californian Bay area of the 1990s his home. Here, he was among the first to frequent the in-person “Cypherpunk” meetings organized by Timothy May, Eric Hughes and other founding members of the collective of cryptographers, programmers and privacy activists centered around the ’90s mailing list of the same name.

2018-7-13 17:16