CyberSecurityBoard
Sponsor Register Login

New Malvertising Campaign Targets Popular Websites with Sophisticated Techniques

A new malvertising campaign has been uncovered targeting popular websites with advanced techniques to distribute malware and steal user data. This campaign uses deceptive ads that redirect users to malicious sites, exploiting browser vulnerabilities and social engineering tactics to maximize infection rates. The attackers employ a combination of drive-by downloads and phishing to compromise victims, highlighting the growing threat of malvertising in the cybersecurity landscape. Website administrators and users are urged to enhance their security measures, including updating software, using ad blockers, and educating users about suspicious ads. This article explores the methods used in the campaign, the potential impact on users and businesses, and best practices to mitigate such threats. With the rise of digital advertising, malvertising represents a significant risk that requires coordinated efforts from cybersecurity professionals, advertisers, and platform providers to combat effectively.

This Cyber News was published on cybersecuritynews.com. Publication date: Sat, 13 Sep 2025 07:30:15 +0000


Cyber News related to New Malvertising Campaign Targets Popular Websites with Sophisticated Techniques

The Surge of FakeBat Malware in Search-Based Malvertising Campaigns - In recent months, cybersecurity researchers have observed a concerning surge in search-based malvertising campaigns, with documented incidents nearly doubling compared to previous periods. Amidst this uptick in online threats, one particular malware ...
1 year ago Cysecurity.news
FakeBat delivered via several active malvertising campaigns - February was a particularly busy month for search-based malvertising with the number of incidents we documented almost doubling. We saw similar payloads being dropped but also a few new ones that were particularly good at evading detection. One ...
1 year ago Malwarebytes.com Cloak
New Malvertising Campaign Targets Popular Websites with Sophisticated Techniques - A new malvertising campaign has been uncovered targeting popular websites with advanced techniques to distribute malware and steal user data. This campaign uses deceptive ads that redirect users to malicious sites, exploiting browser vulnerabilities ...
4 months ago Cybersecuritynews.com
New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers - A new malvertising campaign has been found to employ fake sites that masquerade as legitimate Windows news portal to propagate a malicious installer for a popular system profiling tool called CPU-Z. "This incident is a part of a larger malvertising ...
2 years ago Thehackernews.com Cloak
FormBook Malware Spreads via Malvertising Using MalVirt Loader to Evade Detection - An ongoing malvertising campaign is being used to distribute virtualized. NET loaders that are designed to deploy the FormBook information-stealing malware. "The loaders, dubbed MalVirt, use obfuscated virtualization for anti-analysis and evasion ...
2 years ago Thehackernews.com
Microsoft says malvertising campaign impacted 1 million PCs - The malvertising videos redirected users to the GitHub repos that infected them with malware designed to perform system discovery, collect detailed system info (e.g., memory size, graphic details, screen resolution, operating system (OS), and user ...
10 months ago Bleepingcomputer.com
Many popular websites still cling to password creation policies from 1985 - A significant number of popular websites still allow users to choose weak or even single-character passwords, researchers at Georgia Institute of Technology have found. The researchers used an automated account creation method to assess over 20,000 ...
2 years ago Helpnetsecurity.com
Malvertisers zoom in on cryptocurrencies and initial access - While Zoom is used by millions of people around the world, these campaigns are likely targeting victims who are into cryptocurrencies as well as corporate users, in order to gain access to company networks. The threat actors are using a number of ...
2 years ago Malwarebytes.com Cloak
Opening a Can of Whoop Ads: Detecting and Disrupting a Malvertising Campaign Distributing Backdoors - Earlier this year, Mandiant's Managed Defense threat hunting team identified an UNC2975 malicious advertising campaign promoting malicious websites themed around unclaimed funds. In each investigation under this campaign, Mandiant identified browser ...
2 years ago Mandiant.com
Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks - Microsoft has identified a new North Korean threat actor, now tracked as Moonstone Sleet, that uses both a combination of many tried-and-true techniques used by other North Korean threat actors and unique attack methodologies to target companies for ...
1 year ago Microsoft.com
SocGholish Leveraging Compromised Websites To Deploy RansomHub Ransomware - Security experts recommend implementing robust web filtering solutions, keeping browsers updated, and training users to recognize fake update notifications as critical mitigation strategies against this evolving threat. The infection begins when ...
9 months ago Cybersecuritynews.com Ransomhub
Iranian Phishing Campaign Targets Israel-Hamas War Experts - Iran-linked threat actors are targeting high-profile researchers working on the Israel-Hamas conflict via a sophisticated social engineering campaign, according to Microsoft Threat Intelligence. The threat actor Mint Sandstorm, which has ties to ...
1 year ago Infosecurity-magazine.com
Pirated Software Puts Mac Users at Risk as Proxy Malware Emerges - Malware is being targeted at Mac users who receive pirated versions of popular apps from warez websites after they choose to download them from those websites. Various reports state that cybercriminals are infecting macOS devices with proxy trojans ...
2 years ago Cysecurity.news
CVE-2008-7092 - Multiple cross-site scripting (XSS) vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote attackers to inject arbitrary web script or HTML via a Javascript event in the (1) url, (2) PageName, and (3) title parameters in a ...
8 years ago
Arc browser's Windows launch targeted by Google ads malvertising - A new Google Ads malvertising campaign, coinciding with the launch of the Arc web browser for Windows, was tricking people into downloading trojanized installers that infect them with malware payloads. The Arc browser is a new web browser featuring ...
1 year ago Bleepingcomputer.com
Weaponized Versions of PuTTY and WinSCP Attacking IT Admins Via Search Results - Arctic Wolf security researchers have uncovered a dangerous search engine optimization (SEO) poisoning and malvertising campaign that has been targeting IT professionals since early June 2025. The campaign uses fake websites hosting Trojanized ...
6 months ago Cybersecuritynews.com
SIEM agent being used in SilentCryptoMiner attacks | Securelist - The most interesting action in this attack was the implementation of unusual techniques like using an SIEM agent as backdoor, adding the malicious payload to a legitimate digital signature, and hiding directories containing malicious files. The ...
1 year ago Securelist.com
Russian Cyberattackers Launch Multiphase PsyOps Campaign - Russia-linked threat actors employed both PysOps and spear-phishing to target users over several months at the end of 2023 in a multiwave campaign aimed at spreading misinformation in Ukraine and stealing Microsoft 365 credentials across Europe. The ...
1 year ago Darkreading.com
ClickFake Interview - Lazarus Hackers Exploit Windows & macOS Users Fake Job Campaign - The ClickFake Interview campaign builds upon the tactics of Contagious Interview, which targeted software developers via fake job interviews conducted on platforms like LinkedIn or X (formerly Twitter). The Lazarus Group, a North Korean ...
9 months ago Cybersecuritynews.com Lazarus Group
Rhysida OysterLoader Malvertising Campaign Leverages 40 Code Signing Certificates - A recent malvertising campaign involving the Rhysida group has been uncovered, leveraging the OysterLoader malware. This campaign is notable for its use of over 40 distinct code signing certificates, which help the malware evade detection and appear ...
2 months ago Scworld.com Rhysida
New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs - Since November 2023, Microsoft has observed a distinct subset of Mint Sandstorm targeting high-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the United Kingdom, and ...
1 year ago Microsoft.com
Cybercriminals expand targeting of Iranian bank customers with known mobile malware - Researchers have uncovered more than 200 fake mobile apps that mimic major Iranian banks to steal information from their customers. The campaign was first discovered in July of this year, but since then, the cybercriminals have expanded their ...
2 years ago Therecord.media
Arcane Stealer Via YouTube Videos Steal Data From Network Utilities Including VPN & FileZilla - Security experts advise users to be extremely cautious when downloading supposed game cheats or cracks from YouTube videos, particularly those that require extracting password-protected archives or running batch files. The malware, discovered in late ...
9 months ago Cybersecuritynews.com
Proofpoint Exposes Sophisticated Social Engineering Attack on Recruiters That Infects Their Computers With Malware - Recruiters and anyone else involved in hiring processes should be knowledgeable about this social engineering attack threat. A new report from U.S.-based cybersecurity company Proofpoint exposes a new attack campaign operated by a ...
2 years ago Techrepublic.com
New JSCEAL Attack Targeting Crypto App Users To Steal Credentials and Wallets - The malware represents a notable shift in cybercriminal tactics, as it employs Node.js to execute compiled JavaScript (JSC) payloads, effectively concealing malicious code from traditional security mechanisms and making static analysis extremely ...
5 months ago Cybersecuritynews.com

Latest Cyber News


    Cyber Trends (last 7 days)


    Trending Cyber News (last 7 days)