Microsoft users are being warned to beware a dangerous new malware family that is seeing malicious code into Windows apps.
Security researchers at Confiant have uncovered a wide-ranging malvertising campaign that has been targeting apps and services from Microsoft over the past few months, bombarding users with unwanted adverts.
So far the Microsoft News app, Outlook and a number of Microsoft games have been spotted with the malicious adverts, with users across the globe seeing their apps affected.
- Best free anti-malware software of 2019
- Fake Office 365 site installs malware as browser update
- Malvertising campaign infects popular YouTube to MP3 conversion site
Infected
Confiant says it has now uncovered the source of the campaigns - two Hong Kong-based platforms called Fiber-Ads and Clockfollow, both apparently run by the same individual.
The company's investigation found that the two services were used to placed adverts with legitimate providers, before malicious code hidden inside was able to hijack the viewers device networks and redirect them to a completely sepeate site.
This hijacked traffic was then sold off to other cybercriminals using an account on advertising platfrom MyMediaAds, again redirecting users originally accessing supposedly safe apps and websites to sites pushing fake app downloads and other online scams.
"Desktop and mobile devices are targeted in relatively equal quantities, but desktop Windows and iOS are heavily favored by the attacker," Eliya Stein, Confiant senior security engineer, told ZDNet.
Confiant says the campaign has been responsible for over 100 million bad ad impressions this year alone.
Via ZDNet
- The best antivirus services of 2019
