DeceptionAds Warning: New Malicious Ad Type Exploits Legitimate Services to Display Fake CAPTCHAs
Malvertising comes in many shapes and forms, but some are more dangerous than others. DeceptionAds is a new form of malvertising, where scammers use legitimate advertising platforms and ensure that their malicious sites avoid as much censorship as possible, allowing their bad ads to get up to 1 million impressions per day.
DeceptionAds abuses legitimate channels to distribute PowerShell malware
According to Guard.io, DeceptionAds is a fake CAPTCHA page that asks users to copy and paste a command to activate PowerShell malware. This attack vector is nothing new; the attack was reported in a McAfee discovery last October.
What makes this particular case notable is how it spread. To lure people into these fake CAPTCHA sites, the cybercriminals set up a system where they sent fake ads through Monetag, a legitimate ad network. Monetag has moderation tools to prevent attacks like this, but the cybercriminals tied themselves to a second legitimate service called BeMob, which was designed to perform ad tracking.
Of course, the criminals weren't really interested in implementing ad tracking on their fake sites. Instead, they passed the malicious site's BeMob URL to Monetag. Since BeMob was a trusted source, Monetag accepted the link and didn't flag it during moderation. This allowed the cybercriminals to display their malicious ads 1 million times a day on over 3,000 websites.
Fortunately, Guard.io reported these cases, and both Monetag and BeMob have removed the offending ads and removed the bad actors behind them. However, this provides insight into how malvertisers leverage official, legitimate channels to spread their sites undetected.
Fortunately, avoiding this attack is the same as all other malicious ads. By knowing what to look for when spotting malicious ads, you can spot fake ads and avoid clicking on them in the first place.
You should read it
- How to install PowerShell 7.0 in Windows 10/8/7
- What is PowerShell Basic commands in PowerShell
- Use PowerShell to download any file on Windows 10
- PowerShell command in Windows
- How to use PowerShell's default parameter to change the command behavior
- How to check PowerShell version in Windows 10
- Instructions on how to use PowerShell in Windows Server 2012
- What is Windows PowerShell? How to use Windows PowerShell
May be interested
- Malicious code is growing upsecurity firm mcafee warns that malicious code is currently on the way to prepare to reach a new level of complexity and professionalism. not only the malicious code and adware are now becoming a professionally distributed service
- Sockbot malware was discovered in applications on Google Play Storethis month, symantec discovered a new type of malware on android called sockbot, a legitimate application on google play that allows an attacker to create fake ad traffic.
- Fake Voice 7.0 - Download Fake Voice 7.0 herefake voice is a software that changes your voice to male, female, old, young, shrill or another type of voice.
- Fake laptop battery warning and recyclingin vietnam, many people have imported a large number of old cells from china to recycle batteries for laptops themselves.
- Watch out for new dangerous viruses similar to WannaCryanother type of computer virus that exploits a security hole in the windows operating system, such as the wannacry malicious code, has spread more than 200,000 devices and helped hackers hack silver.
- 136 Money-stealing malicious apps, you must delete them now!security researchers at zimperium zlabs recently discovered a new type of trojan that specifically targets financial services. this new trojan, named grifthorse, has now affected more than 10 million android users in more than 70 countries worldwide.
- Warning: Detecting a campaign to spread malicious code GandCrab 5.2 into Vietnam via fake email of the Ministry of Public Securityvietnam computer emergency response center (vncert) has sent a dispatch to member units informing that there is a campaign to distribute malicious code to extort gandcrab 5.2 into vietnam and southeast asian countries. .
- Thousands of images on Google are infected with malicious codeaccording to the sans security research center, some images on google have been infected by malicious code, which leads users to websites that sell fake antivirus software or make users believe they have to download a program. certain (is a hacker's fake product) to fight viruses.
- Warning fake antivirus software appears in seriesa series of fake antivirus software - fake av- was born in a short time since 2009 causing confusion for users worldwide.
- Microsoft urgently warns about a phishing campaign that uses malicious Excel macros to hack PCssecurity team with microsoft's security intelligence has issued an urgent warning about a massive fraud campaign.