
An extensive overview of the four steps.
Credit: Microsoft
The campaign targeted “nearly one million” devices belonging to both individuals and organizations across industries. The indiscriminate approach indicates that the campaign was opportunistic, meaning it tried to ensnare anyone rather than targeting particular individuals, organizations, or industries. One platform was used mainly to host the malicious payload stages, but Discord and Dropbox were also used.
The malware located resources on the infected computer and sent them to the attacker’s C2 server. The exfiltrated data included the following browser files, which can store login cookies, passwords, browsing history, and other sensitive data.
- \AppData\Roaming\Mozilla\Firefox\Profiles\.default-release\cookies.sqlite
- \AppData\Roaming\Mozilla\Firefox\Profiles\.default-release\formhistory.sqlite
- \AppData\Roaming\Mozilla\Firefox\Profiles\.default-release\key4.db
- \AppData\Roaming\Mozilla\Firefox\Profiles\.default-release\logins.json
- \AppData\Local\Google\Chrome\User Data\Default\Web Data
- \AppData\Local\Google\Chrome\User Data\Default\Login Data
- \AppData\Local\Microsoft\Edge\User Data\Default\Login Data
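For defenders, the file list above translates directly into a detection rule: alert when a process other than the owning browser touches one of these stores. The following is an added example, not code from Microsoft or from this article; the event shape (`image`, `target`), the wildcard for the Firefox profile directory, and the sample events are assumptions constructed for illustration.

```python
import re
from pathlib import PureWindowsPath

# (owning browser, pattern) pairs built from the paths listed in the article.
# Assumption: the Firefox profile directory name ends in ".default-release".
RULES = [(owner, re.compile(pat, re.IGNORECASE)) for owner, pat in [
    ("firefox.exe", r"\\appdata\\roaming\\mozilla\\firefox\\profiles\\[^\\]*\.default-release\\"
                    r"(cookies\.sqlite|formhistory\.sqlite|key4\.db|logins\.json)$"),
    ("chrome.exe", r"\\appdata\\local\\google\\chrome\\user data\\default\\(web data|login data)$"),
    ("msedge.exe", r"\\appdata\\local\\microsoft\\edge\\user data\\default\\login data$"),
]]

def flag_access(events):
    """Return events where a process other than the owning browser touched a store.

    Matching on the image file name alone can be evaded by a renamed binary;
    a production rule should also check the image path and signer.
    """
    hits = []
    for ev in events:
        image = PureWindowsPath(ev["image"]).name.lower()
        for owner, rx in RULES:
            if rx.search(ev["target"]) and image != owner:
                hits.append({**ev, "owner": owner})
                break
    return hits

# Constructed sample file-access events (not real telemetry).
SAMPLE_EVENTS = [
    {"image": r"C:\Program Files\Mozilla Firefox\firefox.exe",
     "target": r"C:\Users\alice\AppData\Roaming\Mozilla\Firefox\Profiles\ab12cd34.default-release\key4.db"},
    {"image": r"C:\Users\alice\AppData\Local\Temp\setup.exe",
     "target": r"C:\Users\alice\AppData\Roaming\Mozilla\Firefox\Profiles\ab12cd34.default-release\logins.json"},
    {"image": r"C:\Users\alice\AppData\Local\Temp\setup.exe",
     "target": r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"image": r"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe",
     "target": r"C:\Users\alice\AppData\Local\Microsoft\Edge\User Data\Default\Login Data"},
    {"image": r"C:\Windows\explorer.exe",
     "target": r"C:\Users\alice\Documents\notes.txt"},
]

if __name__ == "__main__":
    for hit in flag_access(SAMPLE_EVENTS):
        print(f"ALERT {hit['image']} accessed {hit['owner']} store: {hit['target']}")
```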
Files stored on Microsoft’s OneDrive cloud service were also targeted. Microsoft said the malware also checked for the presence of cryptocurrency wallets, including Ledger Live, Trezor Suite, KeepKey, BCVault, OneKey, and BitBox, indicating potential theft of financial data.
Microsoft said it suspects that the sites hosting the malicious ads were platforms offering unauthorized content. Two of the domains are movies7[.]net and 0123movie[.]art.
Microsoft Defender now detects the files used in the attack, and it is likely that other malware defense apps do the same. Anyone who thinks they may have been targeted can check the indicators of compromise at the end of the Microsoft post. The post also includes steps that users can take to avoid falling prey to similar malvertising campaigns.