Krebs on Security

DECEMBER 19, 2024

Silent Push said Araneida is being advertised by an eponymous user on multiple cybercrime forums. ” According to Intel 471, this same Discord account was advertised in 2019 by a person on the cybercrime forum Cracked who used the monikers “ ORN ” and “ ori0n.” 2023 on the forum Cracked. .”

Hacking 225

Hacking Cybercrime Advertising Data breaches 225

Krebs on Security

NOVEMBER 14, 2024

That investigation detailed how the 38-year-old Shefel adopted the nickname Rescator while working as vice president of payments at ChronoPay , a Russian financial company that paid spammers to advertise fake antivirus scams, male enhancement drugs and knockoff pharmaceuticals.

Retail 248

Retail Advertising Cryptocurrency Marketing 248

Penetration Testing

NOVEMBER 2, 2024

In a world increasingly dependent on online advertising, cybercriminals have seized an opportunity to exploit Meta’s vast advertising ecosystem.

Advertising 133

Advertising Cybersecurity Malware 133

The Hacker News

NOVEMBER 5, 2024

million) by South Korea's data privacy watchdog for illegally collecting sensitive personal information from Facebook users, including data about their political views and sexual orientation, and sharing it with advertisers without their consent. Meta has been fined 21.62 billion won ($15.67

Advertising 130

Advertising Data privacy 130

Krebs on Security

NOVEMBER 19, 2024

The original October 31 post from abyss0, where they advertise the sale of data from several large banks that are customers of a large financial software company. A review of abyss0’s posts to BreachForums reveals this user has offered to sell databases stolen in several dozen other breaches advertised over the past six months.

Data breaches 285

Data breaches Banking Cybercrime Advertising 285

Schneier on Security

JANUARY 18, 2022

Rolling Stone is reporting that the UK government has hired the M&C Saatchi advertising agency to launch an anti-encryption advertising campaign. Presumably they’ll lean heavily on the “think of the children!” ” rhetoric we’re seeing in this current wave of the crypto wars.

Encryption 363

Encryption Government Advertising Marketing 363

Malwarebytes

DECEMBER 3, 2024

We’ve identified specific advertiser accounts that make up the bulk of fraudulent ads we have reported to Google this past year. For instance, one advertiser had over 30 reported incidents in the past 3 months. It’s unclear why Google has not taken definitive action on the advertiser profiles we have reported.

Scams 134

Scams Advertising Accountability Engineering 134

Malwarebytes

SEPTEMBER 12, 2024

We’ve uncovered a malicious campaign going after Mac users looking for support or extended warranty from Apple via the AppleCare+ support plans. The perpetrators are buying Google ads to lure in their victims and redirect them to bogus pages hosted on GitHub , the developer and code repository platform owned by Microsoft.

Advertising 141

Advertising Scams Social Engineering Banking 141

Malwarebytes

MARCH 12, 2025

As the company behind the Android Operating System (OS), the Google Play Store, the most popular search engine in the world, and part of the leading company in digital advertising (Alphabet), Google has obtained a position where it would be hard not to profit from. Ever considered not telling them who I am?

Advertising 139

Advertising Accountability Marketing Engineering 139

Malwarebytes

FEBRUARY 19, 2025

For years, Google has been saying it will phase out the third-party tracking cookies that power much of its advertising business online, proposing new ideas that would allegedly preserve user privacy while still providing businesses with steady revenue streams. But it’s not been straight forward for Google. What can I do?

Advertising 132

Advertising VPN Internet Internet 132

Schneier on Security

NOVEMBER 3, 2021

Scammers are using that prestigious domain name to shill brands : Basically, it appears that anyone with $300 to spare can ­– or could, depending on whether Harvard successfully shuts down the practice — advertise nearly anything they wanted on Harvard.edu, in posts that borrow the university’s domain and prestige while making no mention (..)

Accountability 346

Accountability Advertising Scams 346

Schneier on Security

APRIL 4, 2024

The ProtonMail people are accusing Microsoft’s new Outlook for Windows app of conducting extensive surveillance on its users.

Surveillance 356

Surveillance Advertising Data collection 356

Security Boulevard

JANUARY 24, 2025

A malicious generative AI chatbot dubbed "GhostGPT" is being advertised to cybercriminals on underground forums as a tool for more quickly and efficiently creating malware, running BEC attacks, and other nefarious activities, lowering the barrier for less-skilled hackers to launch attacks.

Advertising 129

Advertising Malware Social Engineering Engineering 129

Krebs on Security

JUNE 22, 2022

” The DOJ’s statement doesn’t mention that RSOCKS has been in operation since 2014, when access to the web store for the botnet was first advertised on multiple Russian-language cybercrime forums. Even today, the RUSdot Mailer is advertised for sale at the top of the RUSdot community forum.

Advertising 311

Advertising Cybercrime System Administration Hacking 311

Krebs on Security

MARCH 20, 2023

Until recently, AT&T also shared CPNI data with Xandr , whose privacy policy in turn explains that it shares data with hundreds of other advertising firms. EPIC says T-Mobile customer data sold to third parties uses another unique identifier called mobile advertising IDs or “ MAIDs.”

Mobile 312

Mobile Wireless Advertising Telecommunications 312

Krebs on Security

FEBRUARY 1, 2021

SMS Bandits also provided their own “bulletproof hosting” service advertised as a platform that supported “freedom of speach” [sic] where customers could “host any content without restriction.” agency advertises a service designed to help intercept one-time passwords needed to log in to various websites.

Phishing 355

Phishing Telecommunications Advertising Mobile 355

Security Affairs

JANUARY 10, 2025

In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. The malicious code was advertised on cybercrime forums for $3,000 per month. The malware can collect cookies, logins and browsing history, but from Safari only cookies can be collected.

Malware 119

Malware Advertising Antivirus Cybercrime 119

Adam Levin

FEBRUARY 8, 2021

A December 2020 update infected users with a Trojan-style malware that bombards users with unwanted advertising. may also allow a bad player to place invasive data tracking on your device as well as annoying advertising. Barcode Scanner is an app available in the Google Play store for Android devices.

Mobile 303

Mobile Advertising Malware Risk 303

Security Affairs

FEBRUARY 2, 2025

The Saim Raza group run multiple marketplaces that advertised and facilitated the sale of hacking and fraud tools, including malware, phishing kits and email extractors. The HeartSender group advertised its tools as fully undetectable by antispam software. These tools are essential components to build and run fraud operations.

Cybercrime 108

Cybercrime Advertising Phishing Hacking 108

Schneier on Security

NOVEMBER 12, 2020

Apple will start requiring standardized privacy labels for apps in its app store, starting in December: Apple allows data disclosure to be optional if all of the following conditions apply: if it’s not used for tracking, advertising or marketing; if it’s not shared with a data broker; if collection is infrequent, unrelated to the app’s (..)

Advertising 358

Advertising Marketing Accountability Software 358

Krebs on Security

FEBRUARY 17, 2020

” “Next an ad serving limit will be placed on your publisher account and all the revenue will be refunded to advertisers. In this scam, the extortionists are likely betting that some publishers may see paying up as a cheaper alternative to having their main source of advertising revenue evaporate.

Scams 358

Scams Advertising Accountability Web Fraud 358

Tech Republic Security

OCTOBER 29, 2024

Malvertising is a shortened mash-up of “malicious advertising.” These malicious ads are difficult to detect, and are served to internet users using legitimate advertising networks and publishing platforms, such as the Google Search Network.

Advertising 89

Advertising Cybersecurity Internet Internet 89

Malwarebytes

NOVEMBER 1, 2024

SEO poisoning is a technique employed by cybercriminals to manipulate search engine results, making harmful websites or advertisements appear at the top of search results. Did the advertisement you clicked on take you to the expected web shop? So, what can consumers do to stay safe?

Phishing 120

Phishing Advertising Engineering Risk 120

Krebs on Security

JANUARY 25, 2024

For example, a Google search earlier this week for the free graphic design program FreeCAD produced the following result, which shows that a “Sponsored” ad at the top of the search results is advertising the software available from freecad-us[.]org. million advertiser accounts. Google says it removed 5.2

Software 312

Software Advertising Malware Accountability 312

Krebs on Security

FEBRUARY 28, 2025

Last year, the French security firm Intrinsec detailed Prospero’s connections to bulletproof services advertised on Russian cybercrime forums under the names Securehost and BEARHOST. The bulletproof hosting provider BEARHOST. This screenshot has been machine-translated from Russian.

Malware 234

Malware Antivirus Software DDOS 234

Krebs on Security

MAY 5, 2021

This week, messaging security vendor Proofpoint published some new data on the rise of these malicious Office 365 apps, noting that a high percentage of Office users will fall for this scheme [full disclosure: Proofpoint is an advertiser on this website]. A cybercriminal service advertising the sale of access to hacked Office365 accounts.

Accountability 347

Accountability Advertising Passwords Phishing 347

Malwarebytes

OCTOBER 30, 2024

That means that a victim’s device could be compromised just by visiting a malicious website or advertisement. This vulnerability, tracked as CVE-2024-10487 , can be used by cybercriminals as a drive-by download. The vulnerability was found in Dawn, an open source and cross-platform implementation of the WebGPU -standard.

Spyware 143

Spyware Architecture Advertising Engineering 143

Krebs on Security

MARCH 10, 2020

was originally advertised on the public Russian-language hacking forum Antichat by a venerated user in that community who goes by the alias “ Isis.” ” A Google Translate version of that advertisement is here (PDF). Isis’ profile on antichat. ru — wasn’t working at the time.

Accountability 337

Accountability Advertising Hacking Cybercrime 337

Schneier on Security

FEBRUARY 16, 2021

Users began noticing something weird going on with their phones: their default browsers kept getting hijacked and redirected to random advertisements, seemingly out of nowhere. But a December 2020 update included some new features: However, a rash of malicious activity was recently traced back to the app. That’s not the case here.

Advertising 314

Advertising Malware 314

Krebs on Security

NOVEMBER 1, 2024

A service advertised on the English-language crime community BreachForums in October courts phishers who may need help with certain aspects of their phishing campaigns targeting booking.com partners. One post last month on the Russian-language hacking forum BHF offered up to $5,000 for each hotel account.

Phishing 255

Phishing Accountability Artificial Intelligence Cybercrime 255

Krebs on Security

NOVEMBER 17, 2020

This is evident by the apparent scale of the infrastructure behind a relatively new company based in Montenegro called PushWelcome , which advertises the ability for site owners to monetize traffic from their visitors. An ad from PushWelcome touting the money that websites can make for embedding their dodgy push notifications scripts.

Antivirus 357

Antivirus Advertising Internet Internet 357

Schneier on Security

FEBRUARY 1, 2024

Empower social media platform users and researchers to review who and what exactly is being advertised on Facebook. Improve the ability for consumers to take advantage of their right to opt out under state privacy laws. Improve the transparency of Facebook’s existing tools. And then the report gives specifics.

Surveillance 352

Surveillance Advertising Media Data privacy 352

Krebs on Security

APRIL 1, 2021

NB: KrebsOnSecurity has not changed any of its advertising practices: The handful of ads we run are still image-only creatives that are vetted by me and served in-house. Hopefully, we achieved that and this new design will render well in whatever device you use to view it.

Mobile 291

Mobile Advertising 291

Malwarebytes

FEBRUARY 27, 2025

Overview Scammers are creating ads impersonating PayPal from various advertiser accounts that may have been hacked. This is not a coincidence of course, and is why search advertising is worth billions of dollars. The ad displays the official website for PayPal, yet is completely fraudulent.

Scams 114

Scams Mobile Small Business Advertising 114

Security Affairs

NOVEMBER 24, 2024

To advertise the marketplace, PopeyeTools allegedly promised to refund or replace purchased credit cards that were no longer valid at the time of sale. seized $283,000 in cryptocurrency from an account linked to Sami as part of actions against the illicit activities of PopeyeTools.

Cybercrime 129

Cybercrime Cryptocurrency Banking Accountability 129

Krebs on Security

MARCH 3, 2020

And as we’ll see, it’s not uncommon for extension makers to sell or lease their user base to shady advertising firms, or in some cases abandon them to outright cybercriminals. The opt-out feature referenced in the text above doesn’t actually work because it points to a domain that no longer resolves — thisadsfor[.]us.

Advertising 329

Advertising Insurance Internet Internet 329

Schneier on Security

JUNE 23, 2021

To evade detection, the malware makes use of the company’s so-called “invisible low stealth technology” and its Android product is advertised as having “low data and battery consumption” to prevent people from suspecting their phone or tablet has been infected.

Manufacturing 294

Manufacturing Spyware Surveillance Marketing 294