DeceptionAds Delivers 1M+ Daily Impressions via 3,000 Sites, Fake CAPTCHA Pages
Dec 16, 2024
Malvertising / Threat Intelligence
Cybersecurity researchers have shed light on a previously undocumented aspect associated with ClickFix-style attacks that hinge on taking advantage of a single ad network service as part of a malvertising-driven information stealer campaign dubbed DeceptionAds . "Entirely reliant on a single ad network for propagation, this campaign showcases the core mechanisms of malvertising — delivering over 1 million daily 'ad impressions' [in the last ten days] and causing thousands of daily victims to lose their accounts and money through a network of 3,000+ content sites funneling traffic," Nati Tal, head of Guardio Labs, said in a report shared with The Hacker News. The campaigns, as documented by several cybersecurity companies in recent months, involve directing visitors of pirated movie sites and others to bogus CAPTCHA verification pages that instruct them to copy and execute a Base64-encoded PowerShell command, ultimately leading to the deployment of information st...