Cyber Insiders-v8-web - Flipbook - Page 12
WHAT IS MALVERTISING
AND HOW TO DEFEND
AGAINST IT
Malvertising isn’t a new threat, but the
uptick in sophistication of payload
has seen a resurgence in its popularity.
This may also be as a result of better
phishing controls and detections,
and more robust basic protections
being built into operating systems
such as Windows.
M ore recently,hackers have been abusing G oogle
Ads to push m alvertising scam s by outbidding the
legitim ate developers to place the fraudulentads
in the top position on G oogle search results.O ften,
they are choosing to m im ic free and open-source
softw are,w hich in the age ofrem ote w orking can
presenta realproblem forenterprises.
Atthe end oflastyear,the FBIissued a w arning that
cybercrim inals w ere deploying m alvertising to redirect
people to sites thathostransom w are and steallogin
credentials and otherfinancialinform ation.
In O ctober2022,a m assive cam paign,using over
200 typosquatting dom ains im personating 27
w ell-know n brands to distribute m alw are,steal
cryptocurrency recovery keys and push Android
m alw are w as uncovered.
Am ong the im personated softw are brands included
AnyD esk (a toolused by IT team s to troubleshoot
userissues rem otely),D ashlane,G ram m arly,
M alw arebytes,M icrosoftVisualStudio,Slack,
and Zoom ,am ong others.
12
|
Page
C YBER IN SID ERS M AG AZIN E - Vol.2
