Last week we presented you that a huge array of iOS devices are under cyber attack; following that news that a massive malvertising campaign targeting iOS devices hijacked a more than 300 million browser sessions in just 48 hours, cybersecurity experts have released the following statement:
This malvertising campaign is yet another example of clients becoming victims due to cyber attacks against them through their browser. By using ad networks to load content into unprotected web pages, the hackers were able to change the behavior of the pages including automatically taking the user’s browser to unrequested destinations.
This is nothing more then another blow to the digital advertising economy, in addition to impacting websites that make money from display advertisements, as their reputation with their end users will be tarnished by the vulnerabilities created by included content, similar to Magecart.
Remember everything can be hacked. In order to stay away from any threats related to the cyber world, we recommend the install of antivirus for Windows or antivirus for Mac on every device that you own, depending on which OS your device is running. If you are a company, it is also recommended to hire every year a specialized cybersecurity company that will run annual tests on your company’s network. These tests include penetration testing and ethical hacking tests;
Customers, on the other hand, are left with an unreliable experience even when doing the right thing, they may be subjected to threats because companies are not protecting the app running in the browser, and only rely on WAF and network security to protect from within the data center. This leaves costumers exposed to significant potential personal, privacy, and financial losses if just a couple lines of code end up running in their browser.
Researchers estimated that the total amount of victims reached 300 million în just 48-hour; which compared to 2017’s largest malvertising campaign that affected 1 billion victims in 1 year, is astonishing;
Researchers estimate that the hacker spent around $200,000 to run the malvertising campaign, which made for him $1 million in 2 days.
For now, the US remains the most targeted zone by this malvertising campaigns; but other locations, like Australia and New Zealand are becoming more and more popular.
Keep in mind that our modern society is dependent on computers, mobile devices, and the use of the internet always stay safe and secured.
We would continue to monitor the cybersecurity world. Meanwhile, users should keep a keen eye out for any cyber attacks. Remember to use an antivirus for Windows or antivirus for Mac in every device that you own, depending on which OS your machine is running, If you are a company we recommend to hire every year a specialized cybersecurity company that will run annual tests on your company’s network, tests like this include: penetration testing and ethical hacking.