Tag: adware

8 Attack Reports | 0 Vulnerabilities

Attack reports

Browser Hijacking Techniques: Some education required

This article examines three distinct browser hijacking techniques. The first involves directly modifying browser preference files, such as Firefox's pref.js and Chrome's Preferences and Secure Preferences. The second technique, dubbed BRAT (Browser Remote Access Tool), simulates key presses to cont…
adware
chrome
malicious extensions
firefox
tamperedchef
appsuite
browser hijacking
2025-12-10
baoloader
brat
key simulation
registry manipulation
Published: December 10, 2025
Downloadable IOCs: 5

Hidden Google Play Adware Drains Devices and Disrupts Millions of Users

A large-scale Android adware campaign dubbed 'GhostAd' has been uncovered, affecting millions of users primarily in East and Southeast Asia. The campaign involved multiple apps on Google Play that appeared harmless but created persistent background advertising engines, draining device resources and…
android
persistence
adware
google play
east asia
southeast asia
2025-11-27
advertising sdks
ghostad
app removal
resource drain
Published: November 27, 2025
Downloadable IOCs: 5

Melting Pot of macOS Malware Adds Go to Crystal, Nim and Rust Variants

ReaderUpdate, a macOS malware loader platform active since 2020, has evolved to include variants written in Crystal, Nim, Rust, and now Go programming languages. Originally a compiled Python binary, the malware has been largely dormant until late 2024. The loader is capable of executing remote comm…
malware
loader
persistence
macos
adware
rust
go
2025-03-26
nim
genieo
crystal
silver toucan
dolittle
wizardupdate
updateagent
readerupdate
Published: March 26, 2025
Downloadable IOCs: 12

Proxyware Being Distributed Through Ad Pages

Security researchers have confirmed the unauthorized installation of proxyware on systems through advertisement pages from freeware software sites. The proxyware, identified as DigitalPulse, allows threat actors to share a portion of the system's Internet bandwidth for financial gain without user c…
powershell
lummac2
javascript
adware
downloader
2025-01-21
digitalpulse
proxyware
autoclicker
Published: January 21, 2025
Downloadable IOCs: 3

Malicious CAPTCHA delivers Lumma and Amadey Trojans

An adware campaign targets online users by presenting them with fake CAPTCHA or update prompts, tricking them into running malicious PowerShell commands that deploy credential-stealing malware like Lumma and Amadey. The attackers leverage ad networks to redirect victims to compromised sites hosting…
malvertising
adware
remcos
amadey
infostealers
social-engineering
lumma
captcha
2024-10-29
Published: October 29, 2024
Downloadable IOCs: 1

New Widespread Extension Trojan Malware Campaign

This report discusses a widespread polymorphic malware campaign that forcefully installs malicious browser extensions on endpoints. The malware, originating from imitations of download websites, delivers various malicious payloads, including adware extensions, data stealing scripts, and commands to…
trojan
adware
hijacking
2024-08-07
polymorphic
browser
bankshot
extensions
Published: August 7, 2024
Downloadable IOCs: 0

Fake Microsoft Teams for Mac delivers Atomic Stealer

A malvertising campaign lures Mac users into downloading a counterfeit Microsoft Teams installer containing Atomic Stealer, a data-stealing malware. The campaign uses advanced filtering techniques, compromised ad accounts, and decoy pages to deliver unique payloads that bypass security measures. Up…
malvertising
data theft
stealer
macos
adware
2024-07-12
atomic stealer
Published: July 12, 2024
Downloadable IOCs: 6

macOS Adload Pivots Just Days After Apple’s XProtect Clampdown

The report analyzes a new variant of the Adload adware that evades Apple's recent XProtect malware signature updates. Despite Apple adding 74 new rules targeting Adload in XProtect version 2192, the adware authors have rapidly modified their code to bypass these detections. The report examines a sp…
evasion
macos
dropper
adware
apple
adload
Published: May 1, 2024
Downloadable IOCs: 11
Click here to see more Attack Reports