In February this year, Check Point researchers revealed that a new malware named ‘Ducktail’ was going after Facebook (FB) employees who manage ad campaigns. The motive was to take hold of the direct payments made to them by customers, or to hijack the ad campaigns to place the attackers' own advertisements.
Now, a new campaign of a similar type has emerged on the dark web, and it goes a step further in malicious behavior: it has been found stealing browser data, currency from cryptocurrency wallets, and credentials for FB accounts.
Because these malicious campaigns are hosted as ZIP archives on various file hosting providers and use a PHP script, they are hard to detect.
The campaign's method is simple: lure the victim with flashy ads for X-rated content, subtitle files (SRT), games, or cracked MS software. When the victim clicks such a file, malware installs in the background under the guise of a fake application and starts operating without the device user's knowledge.
Now, the big question: how to avoid falling prey to such malware?
a.) It’s simple: never click on links that carry flashy ads or that are not convincing at all, especially ones posted on social media platforms, including LinkedIn.
b.) Avoid downloading content such as music, image, and video files from websites that have been red-flagged.
c.) Secure your device with anti-malware solutions.
d.) Keep your data backed up so that it can be restored in time when required.
e.) Be vigilant while signing up for ad campaigns.