Ethical Hacking News Hubb
Advertisement Banner
  • Home
  • News
  • Ethical Hackers
  • Contact
No Result
View All Result
  • Home
  • News
  • Ethical Hackers
  • Contact
No Result
View All Result
Wellnessnewshubb
No Result
View All Result
Home Ethical Hackers

Massive AdSense Fraud Campaign Uncovered

admin by admin
February 14, 2023
in Ethical Hackers


Feb 14, 2023Ravie LakshmananAd Fraud / Online Security

The threat actors behind the black hat redirect malware campaign have scaled up their campaign to use more than 70 bogus domains mimicking URL shorteners and infected over 10,800 websites.

“The main objective is still ad fraud by artificially increasing traffic to pages which contain the AdSense ID which contain Google ads for revenue generation,” Sucuri researcher Ben Martin said in a report published last week.

Details of the malicious activity were first exposed by the GoDaddy-owned company in November 2022.

The campaign, which is said to have been active since September last year, is orchestrated to redirect visitors to compromised WordPress sites to fake Q&A portals. The goal, it appears, is to increase the authority of spammy sites in search engine results.

“It’s possible that these bad actors are simply trying to convince Google that real people from different IPs using different browsers are clicking on their search results,” Sucuri noted at the time. “This technique artificially sends Google signals that those pages are performing well in search.”

What makes the latest campaign significant is the use of Bing search result links and Twitter’s link shortener (t[.]co) service, along with Google, in their redirects, indicating an expansion of the threat actor’s footprint.

Sucuri

Also put to use are pseudo-short URL domains that masquerade as popular URL shortening tools like Bitly, Cuttly, or ShortURL but in reality direct visitors to sketchy Q&A sites.

Sucuri said the redirects landed on Q&A sites discussing blockchain and cryptocurrency, with the URL domains now hosted on DDoS-Guard, a Russian internet infrastructure provider which has come under the scanner for providing bulletproof hosting services.

“Unwanted redirects via fake short URL to fake Q&A sites result in inflated ad views/clicks and therefore inflated revenue for whomever is behind this campaign,” Martin explained. “It is one very large and ongoing campaign of organized advertising revenue fraud.”

It’s not known precisely how the WordPress sites become infected in the first place. But once the website is breached, the threat actor injects backdoor PHP code that allows for persistent remote access as well as redirect site visitors.

“Since the additional malware injection is lodged within the wp-blog-header.php file it will execute whenever the website is loaded and reinfect the website,” Martin said. “This ensures that the environment remains infected until all traces of the malware are dealt with.”

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.





Source link

Tags: computer securitycyber attackscyber newscyber security newscyber security news todaycyber security updatescyber updatesdata breachhacker newshacking newshow to hackinformation securitynetwork securityransomware malwaresoftware vulnerabilitythe hacker news
Previous Post

Vulnerablity-Checker – Find Email Spoofing Vulnerablity Of Domains

Next Post

CyberGhost is not working with SlingTV? Try this!

Next Post

CyberGhost is not working with SlingTV? Try this!

Recommended

W4SP Stealer Discovered in Multiple PyPI Packages Under Various Names

3 months ago

VS vergeleken met rest van wereld

3 months ago

© 2022 Ethical Hacking News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.

Navigate Site

  • Home
  • News
  • Ethical Hackers
  • Contact

Newsletter Sign Up.

No Result
View All Result
  • Home
  • News
  • Ethical Hackers
  • Contact

© 2022 Ethical Hacking News Hubb All rights reserved.