Malware, Threat Management, Endpoint/Device Security

Massive app-spoofing malvertising scheme disrupted

Share

Widespread malvertising campaign VASTFLUX, which involved the impersonation of more than 1,700 apps and impacted nearly 11 million devices, has been taken down by fraud prevention company HUMAN, The Hacker News reports. Threat actors have conducted the VASTFLUX campaign to facilitate malicious JavaScript code injection into digital ad creatives, enabling invisible ad player stacking to register multiple ad views, the HUMAN report revealed. Restricted in-app environments for running ads on iOS have been exploited by the operation to bid on ad banner slots, with the secured ad slot being compromised with a JavaScript allowing the app spoofing attack. "It doesn't stop with the stacked ads, though. For as many of those as might be rendering on a user's device at once, they keep loading new ads until the ad slot with the malicious ad code is closed," said HUMAN, which also emphasized the operation's digital advertising ecosystem know-how. VASTFLUX was disrupted three months following the takedown of fraud operation Scylla.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.