Microsoft apps infected in major malvertising campaign

malware malvertising
(Image credit: Pixabay)

Microsoft users are being warned to beware a dangerous new malware family that is seeing malicious code into Windows apps.

Security researchers at Confiant have uncovered a wide-ranging malvertising campaign that has been targeting apps and services from Microsoft over the past few months, bombarding users with unwanted adverts.

So far the Microsoft News app, Outlook and a number of Microsoft games have been spotted with the malicious adverts, with users across the globe seeing their apps affected.

Infected

Confiant says it has now uncovered the source of the campaigns - two Hong Kong-based platforms called Fiber-Ads and Clockfollow, both apparently run by the same individual.

The company's investigation found that the two services were used to placed adverts with legitimate providers, before malicious code hidden inside was able to hijack the viewers device networks and redirect them to a completely sepeate site.

This hijacked traffic was then sold off to other cybercriminals using an account on advertising platfrom MyMediaAds, again redirecting users originally accessing supposedly safe apps and websites to sites pushing fake app downloads and other online scams.

"Desktop and mobile devices are targeted in relatively equal quantities, but desktop Windows and iOS are heavily favored by the attacker," Eliya Stein, Confiant senior security engineer, told ZDNet.

Confiant says the campaign has been responsible for over 100 million bad ad impressions this year alone.

Via ZDNet