Tag

Ad Fraud

All articles tagged with #ad fraud

GhostPoster malware resurges via popular browser extensions with 840k installs
technology · 1 month ago

Researchers found 17 GhostPoster-linked extensions in Chrome, Firefox, and Edge totaling about 840,000 installs. The extensions hide malicious JavaScript in their logos to monitor browser activity, hijack affiliate links, and inject invisible iframes for ad and click fraud, pulling a heavily obfuscated payload from an external resource. LayerX reports a more advanced variant that moves the payload into the extension’s background script and stores it inside a bundled image, improving dormancy and evasion. Some extensions have been removed from Mozilla and Microsoft stores; Google has removed them from Chrome Web Store, but users who installed them may still be at risk. The campaign originated on Edge and later spread to other browsers, and the researchers say it remains active.

GhostPoster Malware Infects Over 50,000 Firefox Users via Malicious Add-on Icons
security · 2 months ago

A campaign named GhostPoster has compromised 17 Firefox add-ons, embedding malicious JavaScript to hijack affiliate links, inject tracking, and facilitate ad fraud, affecting over 50,000 downloads. The malware employs sophisticated evasion techniques, including delayed activation and random payload fetching, to monitor browsing, strip security headers, and enable remote code execution, highlighting ongoing threats from malicious browser extensions.

Google Removes 224 Android Apps in Major Ad Fraud Crackdown
technology · 5 months ago

Google disrupted the 'SlopAds' ad fraud campaign involving 224 malicious Android apps that generated 2.3 billion fraudulent ad requests daily, employing sophisticated obfuscation and steganography techniques to evade detection. The campaign was widespread, with apps downloaded over 38 million times across 228 countries, and used hidden malware modules to simulate legitimate ad interactions, generating significant revenue for attackers. Google has removed the apps and updated protections, but experts warn the threat may re-emerge with new tactics.

"PEACHPIT Unveiled: Massive Ad Fraud Botnet Infects Android and iOS Devices"
cybersecurity · 2 years ago

The PEACHPIT ad fraud botnet, part of the larger BADBOX operation, has been using hundreds of thousands of compromised Android and iOS devices to generate illicit profits. The botnet, discovered by HUMAN, was found in 227 countries and territories and infected devices through 39 apps installed over 15 million times. The malware allowed the operators to steal sensitive data, create residential proxy exit peers, and commit ad fraud. The Android devices are suspected to have been compromised through a hardware supply chain attack. Apple and Google have worked with HUMAN to disrupt the operation, but the attackers are likely adjusting their tactics to evade detection.

"Massive Malware Outbreak: Chinese Smart TV Boxes and Android Devices Compromised in PEACHPIT Ad Fraud Campaign"
cybersecurity · 2 years ago

Chinese smart TV boxes sold on popular online retailers and resale sites were found to be infected with malware called Triada in a campaign named BADBOX. Over 200 models were discovered to have pre-installed malware, with 80% of the tested units infected. The malware delivered over four billion invisible ads per day. In another cybersecurity incident, software firm Blackbaud has settled with attorneys general from all 50 US states for $49.5 million over its deficient data security practices and inadequate response to a ransomware attack in 2020. Additionally, the Qakbot malware operation appears to be persisting despite an international takedown, and genetics firm 23andMe suffered a credential stuffing attack resulting in the theft of personal information, including genetic ancestry results.

"Malware-Infested Android TV Boxes Pose Threat to Home Networks and Schools"
technology · 2 years ago

Cybersecurity firm Human Security has discovered two backdoors, Badbox and Peachpit, in popular Android TV boxes, indicating an organized network of ad fraud. The malware can conduct ad fraud, create fake accounts, sell access to home networks, and is difficult to detect and remove. The affected devices include 200 different models of Android TV boxes, with 80% of those sold in the US containing Badbox. The network behind the malware is described as a "Swiss Army knife of doing bad things on the internet." Users are advised to install apps from reliable sources and keep their devices up-to-date. Human Security has shared its findings with law enforcement agencies.

technology · 2 years ago

Google Faces Accusations of Violating Guidelines and Misleading Advertisers

Google has denied allegations that it violated its own guidelines and misled advertisers regarding ad viewership on third-party websites. Adalytics, a third-party analytics company, claimed that Google's video ads often appeared on lower-quality websites, were positioned away from the main content, and sometimes ran without audio. Adalytics suggested that these practices may have artificially inflated ad metrics, leading to advertisers paying more. Google has rejected these claims, stating that the report used unreliable methodologies and that the majority of video ad campaigns run on YouTube. The allegations come as Alphabet, Google's parent company, faces scrutiny over its advertising practices.

"Massive Android Malware Outbreak: Over 100 Million Downloads Infected"
mobile-security · hacking · 2 years ago

Over 100 million Google Play Store downloads have been infected by a new Android malware strain named Goldoson, which is part of a third-party software library used by more than 60 legitimate apps. The malware is capable of gathering information about installed apps, Wi-Fi and Bluetooth-connected devices, and GPS locations, and can perform ad fraud by clicking advertisements in the background without the user's consent. The rogue component has been removed from 36 of the 63 offending apps following responsible disclosure to Google. The findings highlight the need for app developers to be transparent about the dependencies used in their software and safeguard users' information against such abuse.

Google Play Store hit by massive Android malware infiltration.
cybersecurity · 2 years ago

A new Android malware named 'Goldoson' has infiltrated Google Play through 60 legitimate apps that collectively have 100 million downloads. The malware can collect data on installed apps, WiFi and Bluetooth-connected devices, and the user's GPS locations, and perform ad fraud by clicking ads in the background without the user's consent. The impacted apps have been removed from Google Play, but the risk still exists on third-party Android app stores. Users can remediate the risk by applying the latest available update and looking out for common signs of adware and malware infection.