Threat actors are exploiting Microsoft Edge’s News Feed to conduct a malvertising campaign by injecting online advertisements and redirecting potential victims to websites pushing tech support scams, according to security researchers at Malwarebytes. This campaign has been ongoing for at least two months and is currently one of the most extensive operations based on the amount of telemetry noise. Threat actors have been observed injecting multiple malicious ads into Edge’s news feed, which are linked to more than a dozen domains, at least one of which is known for hosting a browser locker in the past. Reportedly, threat actors are leveraging the Taboola ad network to redirect potential victims to the scam landing pages. Eventually, a fake browser locker page appears attempting to lure victims into calling the threat actors and convincing the victim into paying for an expensive product to supposedly “fix” the problem on their device. Members are encouraged to remind users of the prevalence of “tech support” scams. Access the full report at Malwarebytes or read more at BleepingComputer.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!