Cyber criminals are using fake advertising to spread malware
By MYBRANDBOOK
According to Cisco's Talos threat intelligence organization, a new malicious campaign has been gaining traction as an effective method of harvesting information from unsuspecting users. The technique is known as malvertising: Talos believes a specific campaign known as "Magnat" uses fraudulent online advertising to trick users who are searching for legitimate software installers. The Cisco threat intelligence team believes the Magnat campaign may have started in late 2018 and targets users in Canada, the United States, Australia, and several European nations.
Once a user is directed to the fraudulent download, they run a fake installer that deploys three distinct pieces of malware to their system. While the fake installer gets to work installing multiple malware components, it does not install the actual application the user was originally searching for.
The first piece of malware is a password stealer used to collect user credentials, often a common tool known as Redline. The second, MagnatBackdoor, sets up remote access to the user's device via Microsoft Remote Desktop. This access, combined with the user credentials stolen by Redline (or a similar tool), can provide unfettered access to the user's systems even when they are secured and firewalled. The final piece of the malware trifecta is a Chrome browser extension known as MagnatExtension, which is used for keylogging and capturing screenshots of sensitive information, among other things.
Talos believes the Magnat tools have been developed and improved over the course of several years and show no signs of slowing down anytime soon. The installer package's name is constantly evolving and typically references the name of popular applications to lend credibility and trick users into deploying the package. Examples of past package names include viber-25164.exe, wechat-35355.exe, build_9.716-6032.exe, setup_164335.exe, nox_setup_55606.exe and battlefieldsetup_76522.exe.
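A triage heuristic built from the package names listed above, as an added example (not code from Talos or the original article): it flags process-creation events whose image name is one of the six quoted names or shares their shape and runs from a user-writable folder. The name-shape regex, the directory list and the `host | path` event format are assumptions, and the sample events are constructed.

```python
import re
from pathlib import PureWindowsPath

# Installer names quoted in the article (past Magnat package names).
KNOWN_NAMES = {
    "viber-25164.exe", "wechat-35355.exe", "build_9.716-6032.exe",
    "setup_164335.exe", "nox_setup_55606.exe", "battlefieldsetup_76522.exe",
}

# Assumption: shape generalised from those six names only: a lowercase
# stem, then '-' or '_', then a 4-6 digit suffix. Not a Talos signature.
LURE_SHAPE = re.compile(r"^[a-z][a-z0-9_.]*[-_]\d{4,6}\.exe$")

# Assumption: user-writable locations where a browser download would land.
USER_DIRS = ("\\downloads\\", "\\appdata\\local\\temp\\", "\\desktop\\")

def classify(image_path: str) -> str:
    """Return 'known', 'suspect' or 'clean' for one process image path."""
    lowered = image_path.lower()
    name = PureWindowsPath(lowered).name
    if name in KNOWN_NAMES:
        return "known"
    if LURE_SHAPE.match(name) and any(d in lowered for d in USER_DIRS):
        return "suspect"
    return "clean"

def triage(events):
    """Yield (host, path, verdict) for every non-clean process-creation event."""
    for line in events:
        host, _, path = line.partition("|")
        verdict = classify(path.strip())
        if verdict != "clean":
            yield host.strip(), path.strip(), verdict

# Constructed sample events in "host | image path" form (not real telemetry).
SAMPLE_EVENTS = [
    r"ws-014 | C:\Users\dana\Downloads\wechat-35355.exe",
    r"ws-014 | C:\Program Files\Google\Chrome\Application\chrome.exe",
    r"ws-201 | C:\Users\lee\Downloads\zoom_installer-48213.exe",
    r"ws-201 | C:\Windows\System32\svchost.exe",
    r"srv-03 | D:\deploy\agent_setup_20240.exe",
]

if __name__ == "__main__":
    for host, path, verdict in triage(SAMPLE_EVENTS):
        print(f"{verdict:8} {host}  {path}")
```

Because the article notes that the package name is constantly evolving, a "suspect" hit is a lead for review (signer, download source, whether the named application was actually installed), not a verdict.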