Malvertising is spreading rapidly, infecting over 1 million devices worldwide. A recent report reveals that attackers use illegal streaming sites to deliver malware.
The campaign began in December 2024 and affects both individuals and businesses. Attackers use phishing, SEO poisoning, and fake ads to trick users into downloading harmful software. The malware steals sensitive data, including browser credentials and financial information.
What Is Malvertising?
Malvertising, short for malicious advertising, is a cyberattack method where hackers inject harmful code into online ads. These malicious ads appear on legitimate websites, tricking users into clicking on them. Once clicked, they can redirect users to phishing sites, install malware, or exploit security vulnerabilities. Unlike traditional phishing, malvertising doesn’t require users to download suspicious files, simply visiting a compromised site can trigger an infection.
How the Attack Works
The attack starts with ads embedded in illegal streaming websites. Clicking these ads redirects users through multiple layers of malicious websites. Eventually, they land on pages hosted on GitHub, Discord, or Dropbox, which deliver malware payloads.
Once installed, the malware runs PowerShell scripts to disable security tools and establish persistence. It also scans for cryptocurrency wallets, exfiltrates system data, and deploys additional malware. Researchers found that attackers use a remote access trojan (RAT) to take control of infected devices.
The infection process occurs in four stages:
- Gaining initial access through malicious downloads.
- Collecting system information and identifying security software.
- Delivering additional malware and stealing user data.
- Running scripts to bypass security measures and maintain control.
How to Stay Safe
Users should avoid illegal streaming sites and suspicious ads. Always download software from official sources and keep security tools updated. Businesses must train employees to recognize phishing threats and implement advanced security solutions.
By staying cautious and using strong cybersecurity measures, individuals and organizations can protect themselves from malvertising attacks.
Sleep well, we got you covered.
