Microsoft apps infected in major malvertising campaign


Microsoft users are being warned to beware a dangerous new malware family that is seeding malicious code into Windows apps.

Security researchers at Confiant have uncovered a wide-ranging malvertising campaign that has been targeting apps and services from Microsoft over the past few months, bombarding users with unwanted adverts.

So far the Microsoft News app, Outlook and a number of Microsoft games have been spotted with the malicious adverts, with users across the globe seeing their apps affected.

Infected

Confiant says it has now uncovered the source of the campaigns - two Hong Kong-based platforms called Fiber-Ads and Clockfollow, both apparently run by the same individual.

The company's investigation found that the two services were used to place adverts with legitimate providers, before malicious code hidden inside was able to hijack the viewers' device networks and redirect them to a completely separate site.

This hijacked traffic was then sold off to other cybercriminals using an account on advertising platform MyMediaAds, again redirecting users originally accessing supposedly safe apps and websites to sites pushing fake app downloads and other online scams.

"Desktop and mobile devices are targeted in relatively equal quantities, but desktop Windows and iOS are heavily favored by the attacker," Eliya Stein, Confiant senior security engineer, told ZDNet.

Confiant says the campaign has been responsible for over 100 million bad ad impressions this year alone.

Via ZDNet

Mike Moore
Deputy Editor, TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.
