Cybersecurity researchers have released today a new warn! They have discovered that a new malvertising campaign is using clever steganography techniques to target Apple users from around the world.
At first, it was found that the devious VeryMal hacker group was running multiple campaigns since August 2018; that had the main reason to redirect users to a veryield-malyst domain.
VeryMal hits Mac and iOS users from the US. The VeryMal campaigns are powerful and short! They are only active for a few days and mainly affect a quarter of the top 100 publisher sites.
Remember everything can be hacked. In order to stay away from any threats related to the cyber world, we recommend the install of antivirus for Windows or antivirus for Mac on every device that you own, depending on which OS your device is running. If you are a company, it is also recommended to hire every year a specialized cybersecurity company that will run annual tests on your company’s network. These tests include penetration testing and ethical hacking tests;
Worrying is the fact that a single recent campaign has infected more than five million users by using steganography to hide the malware from cybersecurity solutions.
Whit every new improvement and every new feature for the cybersecurity solutions, hackers find another sophisticated way of obfuscation to get the job done and infect new targets.
In this particular case, the campaign is designed to deliver a trojan known as Shlayer. The steganography way, in the case of Shlayer is hiding it inside an image file
For those who don’t know Shlayer is an adware installer which uses a never been seen installation routine that will evade any detection.
Sadly the financial loss of just one day of this campaign is calculated at over $1.2m
Ad exchanges also affected because inventory access is cut off, and advertisers suffer from ad fraud.
To make an idea of how big the problem is experts are telling us that just in December over 437,000 Apple users were affected by VeryMal hacker group.
We would continue to monitor this cybersecurity problem. Meanwhile, users should keep a keen eye out for any cyber attacks. Remember to use an antivirus for Windows or antivirus for Mac in every device that you own, depending on which OS your machine is running, If you are a company we recommend to hire every year a specialized cybersecurity company that will run annual tests on your company’s network, tests like this include: penetration testing and ethical hacking.