These enable keylogging and capture screenshots of whatever is displayed on the user’s screen. These installers do not install the advertised software but instead install three forms of malware, including a password stealer, a malicious browser extension, and a backdoor. The attacks distribute two forms of undocumented custom-made malware.

According to researchers, victims are lured through malvertising, which involves malicious online ads, to download fake installers onto their systems. Researchers believe that the campaign has been active since 2018, and since then, the malware has been under development constantly. Cisco Talos researchers named this campaign Magnat because the malware payloads are tied to an unidentified actor using the alias Magnat. The objective is to steal data and credentials from the compromised system and maintain remote access.

A security researcher alerted Google to the malvertising campaign in Aug 2021. Cisco Talos researchers have identified malvertising campaigns using fake installers of popular games and applications, such as WeChat, Viber, Battlefield, and NoxPlayer, to lure users into downloading an undocumented, malicious Google Chrome extension and a backdoor.