BLUF

Cybercriminals use online advertising to direct people to fake versions of popular software, tricking them into downloading malware.

Summary

This article makes the following points:
  • Researchers believe victims are downloading fake installers of popular software onto their systems via malvertising (malicious online adverts).
  • Users are likely to be looking for legitimate versions of software, such as Viber, WeChat or video games like Battlefield, but get directed to the malicious versions by malvertising.
  • In this scam, there are three forms of malware:
      1. A password stealer known as Redline steals all usernames and passwords.
      2. A backdoor called MagnatBackdoor allows attackers to gain remote access to the PC.
      3. A malicious browser extension named MagnatExtension enables keylogging and taking screenshots of what the infected user is viewing.
  • These attacks have been named 'magnat-attacks' by cybersecurity researchers at Cisco Talos.
  • The cybercriminals behind these attacks have spent years developing and updating the malware, and that's likely to continue. 

References