Throughout 2024, Bitdefender Labs has been closely monitoring a series of malvertising campaigns that exploit popular platforms to spread malware. These campaigns use fake advertisements to lure users into installing malicious software disguised as legitimate apps or updates. One of the more recent campaigns Bitdefender Labs uncovered involves a fake Bitwarden extension advertised on Meta’s social media platform, Facebook. The campaign tricks users into installing a harmful browser extension und
The term "malvertising" (or "malicious advertising") suggests an overlap with ads, and not good ones. Therefore, it fuels the fallacy that its impact hardly goes beyond frustration. As a result, those who are unfamiliar with it might get the impression that it is no big deal, but this is far from the case.
Malvertising acts as a vessel for malware propagation. To set such a stratagem in motion, cybercriminals poison legitimate websites with ads that lead to shady URLs or download malicious code c
The malware loader PikaBot is being distributed as part of a malvertising campaign targeting users searching for legitimate software like AnyDesk. PikaBot was previously only distributed via malspam campaigns, similar to QakBot, and emerged as one of the preferred payloads for a threat actor known as TA577. The malware family, which first appeared in early 2023, consists of a loader and a core module that allows it to operate as a backdoor and a distributor for other payloads.
See: https://re
The Healthcare and Public Health (HPH) sector issued a warning on 22 June regarding SEO Poisoning. Search engine optimization (SEO) poisoning, considered a type of malvertising (malicious advertising), is a technique used by threat actors to increase the prominence of their malicious websites, making them look more authentic to consumers. SEO poisoning tricks the human mind, which naturally assumes the top hits are the most credible and is very effective when people fail to look closely at the
Activity Summary - Week Ending on 5 August 2022:
- Red Sky Alliance identified 25,992 connections from new IPs checking in with our Sinkholes
- Hetzner 10x
- Analysts identified 309 new IP addresses participating in various Botnets
- CloudMensis
- Lightning Framework
- Samba
- Google Ads for Malvertising
- Cyber Security in Ireland
- OneTouchPoint
- SharpTongue
Link to full report: IR-22-217-001_weekly217.pdf