A naukri.com initiative
Tech Radar
3w
74
Image Credit: Tech Radar
WordPress hackers are teaming up with commercial adtech firms to distribute malware to millions of users - here's how to stay safe
- Recent investigations have uncovered an alliance between WordPress hackers and adtech firms for distributing malware globally.
- VexTrio, a traffic distribution system, serves as a key player rerouting users through deceptive ads and push notifications.
- Commercial companies like Los Pollos, Partners House, and RichAds are implicated in this malicious network.
- Los Pollos' ties to VexTrio were highlighted in Russian disinformation campaigns.
- Malicious activities persisted post Los Pollos' shutdown as attackers shifted to a new TDS called Help, linked back to VexTrio.
- WordPress vulnerabilities were exploited for malware campaigns using DNS TXT records for malicious redirects.
- Multiple malware strains shared infrastructure patterns leading to VexTrio or its proxies.
- Adtech platforms embed malicious scripts deterring browser controls and luring users with fake sweepstakes.
- Hackers leverage fake CAPTCHA prompts to trick users into enabling push notifications for phishing and malware links.
- Users are advised to avoid suspicious alerts, use ZTNA tools, update WordPress, and monitor DNS for anomalies.
- Adtech firms hold the power to shut down these operations.
- Users must stay cautious to mitigate risks associated with malware distribution.
- Security measures like ZTNA and WordPress updates are crucial to prevent compromises.
- Adtech companies could play a vital role in dismantling such operations.
- Users need to be vigilant against fake CAPTCHA prompts and suspicious browser alerts.
- Preventive measures include monitoring DNS activities and relying on ZTNA tools.
- The overlap between different adtech platforms complicates attribution and detection.
Read Full Article
4 Likes
For uninterrupted reading, download the app