Malware, Phishing, Threat Intelligence

Massive DeceptionAds campaign examined

Scam alert, software warning fraud, cyber security. Hacker detection cyber attack on computer network, virus, spyware, malware, malicious software and cybercrime, online website. Protect information

More than 3,000 websites and fraudulent CAPTCHA pages have been leveraged to facilitate the widespread DeceptionAds malvertising campaign that spreads the Lumma information-stealing malwareThe Hacker News reports.

Attacks involved the addition of a BeMob URL to the ad management system of the Monetag website monetization platform, also known as Omnatuor or Vane Viper, in an effort to enable TDS redirection to fake CAPTCHA pages hosted on various legitimate services, according to a Guardio Labs report. While both Monetag and BeMob have already acted to remove accounts associated with malicious activity, threat actors are believed to have restarted operations earlier this month. "From deceptive publisher sites offering pirated or clickbait content to complex redirect chains and cloaking techniques, this campaign underscores how ad networks, designed for legitimate purposes, can be weaponized for malicious activities," said Guardio Labs Head Nati Tal, who noted the lack of accountability among ad networks, statistics services, and publishers, as well as hosting providers.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds