dcsimg

Partnerstroka: Large tech support scam operation features latest browser locker

Tech support scams continue to be one of the top consumer threats in 2018, despite actions from security vendors and law enforcement. Scammers are constantly looking for new ways to reel in more victims, going beyond cold calls impersonating Microsoft to rogue tech support ads using the good name of legitimate brands, and of course, malicious pop-ups. We have been monitoring a particular tech … [Read more...]

How to block ads like a pro

In part one of this series, we had a look at a few reasons why you should be blocking online advertisements on your network and devices. From malvertising attacks and privacy-invading tracking systems to just being an outright annoyance, online ads and trackers are a nuisance that provides an attack vector for malware authors, compromise user security, and plainly, diminish the browsing … [Read more...]

Everybody and their mother is blocking ads, so why aren’t you?

This post may ruffle a few feathers. But we’re not here to offer advice to publishers on how to best generate revenue for their brand. Rather, we’re here to offer the best advice on how to maintain a safe and secure environment. If you’re not blocking advertisements on your PC and mobile device, you should be! And if you know someone who isn’t blocking ads, then forward this post to them. Because … [Read more...]

Shoppers Stop tech scam draws from thousands of forced ad injections

These days, there are a lot of browser locker campaigns fueled by malvertising or redirection from hacked sites. But the Shoppers Stop tech scam campaign is actually a bit of both, using compromised sites injected with advertising code that redirects users to other threats, including tech support scams, via malvertising. We believe those ad injections came from pirated CMS themes. Normally, these … [Read more...]

‘FakeUpdates’ campaign leverages multiple website platforms

A malware campaign which seems to have started at least since December 2017 has been gaining steam by enrolling a growing number of legitimate but compromised websites. Its modus operandi relies on social engineering users with fake but convincing update notifications. Similar techniques were used by a group leveraging malvertising on high traffic websites such as Yahoo to distribute ad fraud … [Read more...]

New RIG malvertising campaign uses cryptocurrency theme as decoy

For a couple of weeks, we have been observing a malvertising campaign that uses decoy websites to redirect users to the RIG exploit kit. Those sites, whose theme is about cryptocurrencies, were all registered recently and are swapped after a few days of use. The initial redirection starts off from a malvertising redirect, which loads the decoy page containing a third-party JavaScript. The … [Read more...]

The state of malicious cryptomining

While cryptocurrencies have been around for a long time and used for legitimate purposes, online criminals have certainly tarnished their reputation. Unfortunately, the same benefits offered by these decentralized and somewhat anonymous digital currencies were quickly abused to extort money, as was the case during the various ransomware outbreaks we’ve witnessed in the last few years. As the value … [Read more...]

Safer Internet Day 2018: ad blockers and anti-trackers

The path to a safer Internet can be a bit of a quandary. What programs should you buy? How long should your passwords be?  Is it okay to write them down? What makes a website secure? All of these questions can merit their own lengthy essays, so today, on Safer Internet Day, we’re going to look at some of the simplest solutions for security. What is the easiest, fastest, completely free thing you … [Read more...]

RIG exploit kit campaign gets deep into crypto craze

There isn’t a day that goes by without a headline about yet another massive spike in Bitcoin valuation, or a story about someone mortgaging their house to purchase the hardware required to become a serious cryptocurrency miner. If many folks are thinking about joining the ‘crypto craze’ movement, they may be surprised to learn that they already have. We’ve documented … [Read more...]

Exosrv.com, an ad server for adult sites, tops Malwarebytes detections

There is a belief that most of what you’ll find on adult websites is going to harm your system. In many cases, this has proven to be true, but overall the adult industry has made numerous efforts to protect their customers and audience. While we would like to tell you that it’s completely safe to surf adult websites these days, we do still need to stay vigilant. That’s why … [Read more...]