Tag: malvertising
Secret Service Hot on the Trail of Cybercriminal “Stalin”
The United States Secret Service is doubling down on the search for cybercriminal “Stalin.” On August 26, 2024, the U.S Department of State partnered with the US Secret Service to put out a bounty of up to $2.5 million for information leading to the arrest of Belarusian hacker Volodymyr Kadariya, sometimes going by the alias “Stalin.” Kadariya was allegedly part of a malicious advertising (“malvertising”) ring responsible for transmitting the Angler Exploit Kit, a toolkit utilized by threat actors to exploit vulnerabilities in a system or code.
Beware weaponized Google Ads
Cybercriminals are exploiting a previously unseen backdoor to substitute ‘malvertizing’, weaponized bogus ads to push them to the top of Google searches. The attacks are particularly dangerous to corporations of all sizes, as they are aimed squarely at in-house IT professionals, who invariably hold the keys to the organization’s digital kingdom The unknown threat actor(s) ' selection of spoofed software evidences that cybercriminals’ targets primarily consist of IT professionals, particularly those in IT security and network administration roles, according to research from Zscaler ThreatLabz. “Beginning in March of 2024, Zscaler ThreatLabz observed a threat actor weaponizing a cluster of domains masquerading as legitimate IP scanner software sites to distribute a previously unseen backdoor. The threat actor registered multiple look-alike domains…and leveraged Google Ads to push these domains to the top of search engine results targeting specific search keywords,” says Zscaler ThreatLabz.