Skip Navigation
Technology @lemmy.world
Otter @lemmy.ca

Nearly 1 million Windows devices targeted in advanced “malvertising” spree

Nearly 1 million Windows devices were targeted in recent months by a sophisticated "malvertising" campaign that surreptitiously stole login credentials, cryptocurrency, and other sensitive information from infected machines, Microsoft said.

The campaign began in December, when the attackers, who remain unknown, seeded websites with links that downloaded ads from malicious servers. The links led targeted machines through several intermediary sites until finally arriving at repositories on Microsoft-owned GitHub, which hosted a raft of malicious files.

Ad blockers aren't just convenient, they're necessary for online safety. Install it on your family member's devices

You're viewing a single thread.

5 comments

  • If I'm reading this right this still required a manual clickthrough (seemingly forced through a fake video player) and running an executable, right? The description is simultaneously very detailed and fuzzy on the social engineering portion.

    Analysis of the redirector chain determined the attack likely originated from illegal streaming websites where users can watch pirated videos. The streaming websites embedded malvertising redirectors within movie frames to generate pay-per-view or pay-per-click revenue from malvertising platforms. These redirectors subsequently routed traffic through one or two additional malicious redirectors, ultimately leading to another website, such as a malware or tech support scam website, which then redirected to GitHub.

    Not to say you don't want an adblocker for security reasons, but still, the implication in the reporting is "have an ad pop up, get infected", when it was more "click on the "watch PopularseriesS02e04" prompt, fail multiple times due to it being an obvious scam, get prompted to download some files, install said files, get infected".