• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Skip to footer
Computer Business World News

Computer Business World News

Trending News about Computers, Business and Tech

  • Home
  • BUSINESS
  • CAREERS
  • CLOUD
  • COMPUTERS
  • CYBERSECURITY
  • I.T.
  • TECH
  • VOIP
  • About

Millions of web users caught up in massive malvertising campaign Hacker/security

by

Security researchers have shared details about an ongoing malvertising campaign that has compromised over a hundred ad servers, despite early warnings.

Eliya Stein, Senior Security Engineer at security firm Confiant, has been tracking the malvertising threat actor known as Tag Barnakle for over a year now.

Stein first reported the malvertising campaign in April 2020 when he found sixty compromised ad servers that had been exploited.

TechRadar needs you!

We’re looking at how our readers use VPN for a forthcoming in-depth report. We’d love to hear your thoughts in the survey below. It won’t take more than 60 seconds of your time.

>> Click here to start the survey in a new window<<

One year later, however, Stein reports that the threat actor has continued to operate unchecked and the number of breached servers has doubled to over 120. 

Lethargic response

Stein asserts that most malvertising groups infiltrate the advertising ecosystem as legitimate media buyers. However, what sets Tag Barnakle apart from the rest is that this threat actor resorts to compromising the ad-serving infrastructure instead. 

The research shows that Tag Barnakle targets advertising companies that use a vulnerable instance of the Revive ad server. Once identified, it inserts malicious code into legitimate ads that redirects website visitors to sites that promote scams and malware.

Worryingly, however, while Stein’s research prompted the developers of the Revive ad server to urge its customers to upgrade to their ad server installation, few have done so. 

The result of the lethargy shown by the online advertising companies is that the number of compromised Revive servers has grown to over 120 since Stein’s last warning.

Widespread reach

Commenting on the scope of the attacks, Stein argues that some of the owners of the compromised ad servers are also using real-time bidding (RTB) systems to broadcast their ads to other ad companies.

“If we consider that some of these media companies have RTB integrations with leading programmatic advertising platforms, Tag Barnakle’s reach is easily in the tens if not hundreds of millions of devices,” writes Stein.

He also notes that while Tag Barnakle was targeting users of desktop browsers last year, the ads have now started going after mobile users, luring them into installing obscure apps that either have hidden subscription costs or siphon their traffic for nefarious purposes.

Via The Record

View Source

Filed Under: COMPUTERS

Primary Sidebar

More to See

Growth, succession planning, and cybersecurity are top priorities for businesses – WSU Insider

SPOKANE, Wash. — Attracting new customers, planning for retirement and protecting against cyberattacks emerged as three top‑of‑mind priorities for … [Read More...] about Growth, succession planning, and cybersecurity are top priorities for businesses – WSU Insider

Computing announces the UK’s most influential IT leaders

We're all about the IT leader here at Computing - whether that's the CIO, CTO, IT director, chief architect or any one of dozens of other titles. … [Read More...] about Computing announces the UK’s most influential IT leaders

Türk Telekom and Korea Telecom enter a strategic agreement

A strategic relationship between Türk Telekom and Korea Telecom (KT) was launched on Sunday. This initiative will promote cooperation in the areas of … [Read More...] about Türk Telekom and Korea Telecom enter a strategic agreement

Footer

SITE INFORMATION

COMPUTER BUSINESS WORLD NEWS

About/Contact

Privacy Policy

Thank you for visiting our website.

Recent

  • To Prevent Injury, Computers Will Predict When Soldiers Are Tired
  • Growth, succession planning, and cybersecurity are top priorities for businesses – WSU Insider
  • Computing announces the UK’s most influential IT leaders

Search

Copyright © 2022 Computer Business World