On Wednesday, and probably the previous days, Equifax's credit report assistance website (aa.econsumer.equifax.com) was caught redirecting users to all sort of nasty websites that were peddling fake Flash Player update files laced with adware, fake Android and iOS updates, and scam sites offering products at cheap prices.
A malvertising group nicknamed KovCoreG by security researchers has been using fake browser and Flash updates to trick users into installing the Kovter malware.
Peteris Sahurovs, a Latvian hacker known as "Sagade," was extradited to the US and appeared in Minneapolis court today in regards to accusations of running a scareware operation that pocketed the crook and his partners over $2 million.
A malvertising campaign detected on a popular forum is forcibly downloading an Android app on users' devices, which later installs a second app with more intrusive features and which is almost impossible to remove without flashing the user's phone.
Malicious ads displayed in Google search results for Target — the US retailer — redirected users to a tech support scam.
Ad blockers, our last hope against the onslaught of malvertising campaigns, appear to have fallen, as today, Malwarebytes published new research detailing a malvertising campaign that successfully bypasses ad blockers to deliver their malicious payload.
King of copy-paste exploits, the Sundown exploit kit, has been offline since March 8, and this also includes most of its variations, according to security researcher Kaffeine and Jérôme Segura of Malwarebytes.
It appears that for at least one day, Skype has served malicious ads, which in turn pushed a fake Flash Player update onto users. The malicious ads came to light after Reddit and Twitter users complained about Skype forcing a Flash Player update down their throat.
Microsoft has patched a zero-day vulnerability that was used in the massive AdGholas malvertising campaign and later integrated into the Neutrino exploit kit.
Security researchers from Malwarebytes have discovered a new malvertising campaign targeting visitors of several adult websites, spreading the Ramnit trojan and focusing on users from Canada and the UK.
A malvertising campaign has specifically targeted and redirected Chrome users to a website they couldn't leave unless they agreed to install a rogue Chrome extension.
Reports released by different security vendors highlight that spam campaigns grew tremendously in 2016, as exploit kit activity fell after the three major players went down.
Facebook users in France are subject to a wave of malicious ads, which if clicked, will redirect them to a website hosting a tech support scam.
Malicious ads displayed on several adult websites and a store selling quadrocopters (drones) are infecting visitors with a new version of the BandarChor ransomware.
Malicious ads are serving exploit code to infect routers, instead of browsers, in order to insert ads in every site users are visiting. Discovered by security researchers from US security firm Proofpoint, this malvertising campaign is powered by a new exploit kit called DNSChanger EK.
Crooks distributing the Svpeng Android banking trojan have discovered a flaw in how Google Chrome for Android handles file downloads and have used it to forcibly and secretly download their malicious payload on the devices of over 318,000 users in the span of three months, starting with July 2016.