Have any question?
Call (403) 210-2927
Call (403) 210-2927
Sometimes you might be browsing the Internet and come across an advertisement for free downloads of Windows applications. Obviously, this is too good to be true, and hackers tend to exploit advertisements to spread their influence across devices. Malvertising is used to deliver various types of threats, all of which can cause considerable harm to unprepared businesses.
The particular malvertisement threat in question is a new campaign targeting users in Canada, the United States, Europe, Australia, and Nigeria, and it aims to steal information like usernames, passwords, and other sensitive credentials.
ZDNet reports that this new malvertising campaign—called Magnat by Cisco Talos—spreads a malicious browser extension using Trojan malware, providing a backdoor entrance to the user’s device. This new, as-yet-undocumented threat appears to be custom-built over the past several years. Other types of malware used in this campaign include a password stealer which is installed on the user’s device through the use of the backdoor.
The browser extension (also a keylogger) and the password stealer are standard fare for threats, but the backdoor, called MagnatBackdoor, is a special type that allows attacks to gain remote control over a PC without detection. It also adds a new user to the device and installs keyloggers, as well as other malware, that enable the attacker to steal sensitive information. Researchers believe that the threat works like a banking trojan with the primary aim being to steal credentials for individual sale on the Dark Web. Of course, the credentials could also be used by the attackers, too.
This malware is distributed primarily through advertisements that link to malicious file downloads, with the big kicker being that these adverts advertise popular software applications. While there is reason to be concerned about this campaign, however, it’s also important to know that it’s nothing new. These threats are commonplace and security researchers, as well as security professionals in the field like ourselves, fully understand how to keep your devices as safe as possible.
OnSite I.T. wants to help your business keep itself safe from these types of threats (and more). If you need some pointers on how to keep your employees from clicking on these advertisements, we can provide training, as well! To learn more, reach out to us at (403) 210-2927.
Interested in seeing what we can do for your business? Contact us to see how we can help you!
Our network assessment will reveal hidden problems, security vulnerabilities, and other issues lurking on your network.
Learn more about what OnSite I.T. can do for your business.
OnSite I.T.
429 14th St. N.W. #104
Calgary, Alberta T2N 2A3
Comments