Categories: News

Malvertising campaign affected millions of innocent users

A malvertising campaign was behind the breach of more than 120 servers. Over the past year. “Tag Barnakle” managed to inject code, in order to show malicious ads. The ads would redirect users to malicious websites. Thus, it exposes them to malware or scamware.

What is a malvertising campaign?

A malvertising campaign is the practice hackers use to incorporate malware in online ads. Usually, operators infiltrate the ad-tech systems, buy space on legitimate websites and then run malicious ads. In order to do this, they use “convincing personas”.

But Tag Barnakle is different, as it can bypass this step. Thus, it manages to “mass compromise the ad serving infrastructure,” according to Eliya Stein, Confiant security researcher.

Stein mentioned that this leap comes after the same campaign managed to compromise 60 servers in April, last year. The infections targeted the open-source Revive advertising server.

An upgrade to reach different devices

The malvertising campaign seems to keep the same path, but villains managed to upgrade their tools. So, hackers can target mobile devices, after last year they focused only on desktop computers. “Tag Barnakle is now pushing mobile targeted campaigns,” Stein added.

During this campaign, websites which receive ads through hacked servers use users’ data and deliver a JavaScript payload, later. These redirect then users to malicious websites. The main purpose is to lure them to a fake app store.

There, they list fake apps (security, safety, or VPN) that also carry hidden subscription costs. Also, some of them hijack the traffic for a second time.

According to Confiant, the reach of Tag Barnakle might be of “hundreds of millions of devices.” This happens because an important number of ad platforms and media companies use Revive’s server solution.

Stein considers this a “conservative estimate,” as hackers lure their victims with low frequency. The reason is “to slow down detection of their presence.”

Laurentiu Titei

Laurentiu, a creative content writer, has been producing articles about technology for more than 10 years. He is interested in all the security and internet news and his mainstream media background helps make them readable for all kinds of users. Moreover, he grows the appropriate social media channels for websites.

Recent Posts

Digital Advertising practices, under the pressure of fines

Its digital advertising practices continue to bring troubles for Google. Two separate cases will go to court in the UK…

2 years ago

Advertising discrimination, addressed by huge companies

WPP, Delta Airlines, Kellogg and Mindshare take the issue of advertising discrimination seriously, in order to combat bias in digital…

2 years ago

Ad fraud might hit $100B, advertising companies worry

Ad fraud has become a very big issue for both users and the advertising agencies. Different forms of it might…

3 years ago

The ad-based business model: Would Facebook change it?

The Facebook lead architect of the ad-based business model leaves the company. Let's see how her move could affect company's…

3 years ago

Here it comes: New Meta privacy policy. Does it matter?

A new Meta privacy policy comes soon for the company's platforms. Users would be notified of the updates about how…

3 years ago

Advertising company: ”Our customers don’t like ads”

As its “customers don't like ads,” Evite, an American online party planner, decided to just close its advertising business, while…

3 years ago