Microsoft apps infected in major malvertising campaign
Hong Kong-based services accused over huge malware campaign
Microsoft users are being warned to beware a dangerous new malware family that is seeing malicious code into Windows apps.
Security researchers at Confiant have uncovered a wide-ranging malvertising campaign that has been targeting apps and services from Microsoft over the past few months, bombarding users with unwanted adverts.
So far the Microsoft News app, Outlook and a number of Microsoft games have been spotted with the malicious adverts, with users across the globe seeing their apps affected.
- Best free anti-malware software of 2019
- Fake Office 365 site installs malware as browser update
- Malvertising campaign infects popular YouTube to MP3 conversion site
Infected
Confiant says it has now uncovered the source of the campaigns - two Hong Kong-based platforms called Fiber-Ads and Clockfollow, both apparently run by the same individual.
The company's investigation found that the two services were used to placed adverts with legitimate providers, before malicious code hidden inside was able to hijack the viewers device networks and redirect them to a completely sepeate site.
This hijacked traffic was then sold off to other cybercriminals using an account on advertising platfrom MyMediaAds, again redirecting users originally accessing supposedly safe apps and websites to sites pushing fake app downloads and other online scams.
"Desktop and mobile devices are targeted in relatively equal quantities, but desktop Windows and iOS are heavily favored by the attacker," Eliya Stein, Confiant senior security engineer, told ZDNet.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Confiant says the campaign has been responsible for over 100 million bad ad impressions this year alone.
Via ZDNet
- The best antivirus services of 2019
Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.