Where the Comment is King

THE NEWS COMMENTER

VOTE  (0)  (0)

Millions of web surfers are being targeted by a single malvertising group

Added 04-19-21 05:10:04pm EST - “Tag Barnakle is using infected ad servers to go "straight for the jugular," firm says.” - Arstechnica.com

CLICK TO SHARE

Posted By TheNewsCommenter: From Arstechnica.com: “Millions of web surfers are being targeted by a single malvertising group”. Below is an excerpt from the article.

Hackers have compromised more than 120 ad servers over the past year in an ongoing campaign that displays malicious advertisements on tens of millions, if not hundreds of millions, of devices as they visit sites that, by all outward appearances, are benign.

Malvertising is the practice of delivering ads to people as they visit trusted websites. The ads embed JavaScript that surreptitiously exploits software flaws or tries to trick visitors into installing an unsafe app, paying fraudulent computer support fees, or taking other harmful actions. Typically, the scammers behind this Internet scourge pose as buyers and pay ad-delivery networks to display the malicious ads on individual sites.

Infiltrating the ad ecosystem by posing as a legitimate buyer requires resources. For one, scammers must invest time learning how the market works and then creating an entity that has a trustworthy reputation. The approach also requires paying money to buy space for the malicious ads to run. That’s not the technique used by a malvertising group that security firm Confiant calls Tag Barnakle.

“Tag Barnakle, on the other hand, is able to bypass this initial hurdle completely by going straight for the jugular—mass compromise of ad serving infrastructure,” Confiant researcher Eliya Stein wrote in a blog post published Monday. “Likely, they’re also able to boast an ROI [return on investment] that would eclipse their rivals as they don’t need to spend a dime to run ad campaigns.”

Over the past year, Tag Barnakle has infected more than 120 servers running Revive, an open source app for organizations that want to run their own ad server rather than relying on a third-party service. The 120 figure is twice the number of infected Revive servers Confiant found last year.

Read more...

If you don't see any comments yet, congrats! You get first comment. Be nice and have fun.

CLICK TO SHARE

BACK TO THE HOME-PAGE