Malvertising campaigns come back in full swing

Gandalf_The_Grey

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,572
Content source
https://blog.malwarebytes.com/social-engineering/2020/09/malvertising-campaigns-come-back-in-full-swing/
Malvertising campaigns leading to exploit kits are nowhere near as common these days. Indeed, a number of threat actors have moved on to other delivery methods instead of relying on drive-by downloads.

However, occasionally we see spikes in activity that are noticeable enough that they highlight a successful run. In late August, we started seeing a Fallout exploit kit campaign distributing the Raccoon Stealer via high-traffic adult sites. Shortly after we reported it to the ad network, the same threat actor came back again using the RIG exploit kit instead.

Then we saw possibly the largest campaign to date on top site from a malvertiser we have tracked for well over a year. This threat actor has managed to abuse practically all adult ad networks but this may be the first time they hit a top publisher.
Click to expand...
Still using Internet Explorer?

Threat actors still leveraging exploit kits to deliver malware is one thing, but end users browsing with Internet Explorer is another. Despite recommendations from Microsoft and security professionals, we can only witness that there are still a number of users (consumer and enterprise) worldwide that have yet to migrate to a modern and fully supported browser.

As a result, exploit kit authors are squeezing the last bit of juice from vulnerabilities in Internet Explorer and Flash Player (due to retire for good next year).
Click to expand...
Full story from Malwarebytes here:
blog.malwarebytes.com

Malvertising campaigns come back in full swing | Malwarebytes Labs

Threat actors monetize on adult traffic in several large malvertising campaigns.
blog.malwarebytes.com blog.malwarebytes.com
 
Last edited by a moderator:
  • Like
  • +Reputation
Reactions: Protomartyr, oldschool, plat and 7 others
You must log in or register to reply here.

Similar threads

nicolaasjan
    • Like
Malicious Notepad++ Google ads evade detection for months
Replies
0
Views
832
News Archive
nicolaasjan
nicolaasjan
[correlate]
    • Like
    • Wow
Security News Hacking Employers and Seeking Employment: Two Job-Related Campaigns Bear Hallmarks of North Korean Threat Actors
Replies
0
Views
840
Security News
[correlate]
[correlate]
Ink
    • Like
    • Wow
Google-hosted Malvertising; Clever punycode tricks experts to visit fake Keepass site
Replies
0
Views
752
News Archive
Ink
Ink

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top