Malicious Traffic Distribution System Spotted by Researchers
#1
That moment when we wonder why one website takes us to some completely different one...

Quote: In that time frame, the researchers have connected VexTrio to takeovers of multiple legitimate domains - in one case, a compromised hospital website in Colombia infected with malicious JavaScript - and especially WordPress sites with known vulnerabilities, which allow them to reroute user traffic. VexTrio also continues to register "large quantities of domains daily" - adding up so far to at least 70,000 malicious domains - by using a dictionary-based domain-generation algorithm, to give them a ready, ever-changing supply of domains for hosting malicious content.

Quote: The TDS term hails from the marketing realm, where it refers to intermediaries tracking individual internet users and attempting to serve them relevant advertising. The cybercrime take on this approach typically swaps out legitimate, if not always welcome, advertising in favor of serving victims malicious content.

Just as with legitimate advertising, many cybercrime groups appear to be ready and willing to pay for high-quality referrals, based on a variety of criteria they supply to a TDS provider, experts say.


Source: https://www.databreachtoday.com/maliciou...rs-a-24166
“If you think you are too small to make a difference, try sleeping with a mosquito.” - Dalai Lama XIV
#2
Something similar:
https://thehackernews.com/2024/02/8000-s...rands.html

Quote: 8,000+ Domains of Trusted Brands Hijacked for Massive Spam Operation

More than 8,000 domains and 13,000 subdomains belonging to legitimate brands and institutions have been hijacked as part of a sophisticated distribution architecture for spam proliferation and click monetization.

Guardio Labs is tracking the coordinated malicious activity, which has been ongoing since at least September 2022, under the name SubdoMailing. The emails range from "counterfeit package delivery alerts to outright phishing for account credentials."

The Israeli security company attributed the campaign to a threat actor it calls ResurrecAds, which is known to resuscitate dead domains of or affiliated with big brands with the end goal of manipulating the digital advertising ecosystem for nefarious gains.

"'ResurrecAds' manages an extensive infrastructure encompassing a wide array of hosts, SMTP servers, IP addresses, and even private residential ISP connections, alongside many additional owned domain names," security researchers Nati Tal and Oleg Zaytsev said in a report shared with The Hacker News.