Total Tests:
Blog Filters reset x
By Incident
By Jurisdiction
Show More

Cybersecurity
Compliance

Cybersecurity
Legal Advisory
Learn More

Massive Ad Fraud Campaign Infected 11M Devices, Spoofed 1,700 Apps and 120 Publishers

Read also: PayPal, Riot Games compromised, FBI links $100M Harmony hack to North Korea, and more.


Thursday, January 26, 2023
Views: 8k Read Time: 2 min.

Massive Ad Fraud Campaign Infected 11M Devices, Spoofed 1,700 Apps and 120 Publishers

Massive ad fraud campaign infected 11M devices, spoofed 1,700 apps and 120 publishers

Security researchers dismantled an extensive ad fraud operation nicknamed “VastFlux” that affected millions of devices. The malvertizing campaign planted malicious JavaScript code into digital ad creatives, allowing the operators behind it to stack numerous invisible video ad players behind one another and register ad views.

The fraud scheme was primarily focused on in-app advertising services running on Apple’s iOS platform, spoofing 120 publishers and 1,700 apps. The campaign impacted more than 11 million devices (primarily Apple devices) and at its peak accounted for 12 billion bid requests a day.

FBI links $100M Harmony heist to North Korean Lazarus hackers

The US Federal Bureau of Investigation (FBI) has officially attributed a $100 million Harmony’s Horizon bridge crypto heist to a well-known North Korea-linked state-sponsored threat actor Lazarus Group.

According to the FBI, the perpetrators targeted a cross-chain bridge connecting Harmony, a Layer 1 blockchain, to Ethereum, Bitcoin, and Binance Chain and used the Railgun privacy protocol to move and launder over $60 million of the stolen Harmony assets. Some of the pilfered assets were sent to a number of VASPs and converted to Bitcoin.

Cybersecurity Compliance

Prevent data breaches and meet regulatory requirements

Cybersecurity
Legal Advisory
Learn More

T-Mobile says data breach impacted about 37 million customers

US second-largest wireless carrier T-Mobile revealed a massive data breach affecting around 37 million customer accounts. The company explained that a threat actor took advantage of an API to access customer account data, including name, phone number, email, date of birth, and billing address.

The exposed information did not include payment data, password or other sensitive data. T-Mobile said there was no indication that its systems or network was breached.

Thousands of PayPal accounts compromised in credential-stuffing attack

Online payments processor PayPal warned that around 35,000 user accounts have been targeted in a credential-stuffing campaign. According to the company, between December 6 and 8, 2022 a malicious actor accessed user accounts using credentials obtained from a third-party source (via phishing or purchased on underground marketplaces).

The potentially compromised information included personal data like names, phone numbers, addresses, birth dates, ITINs, and Social Security numbers. PayPal’s payment systems were not impacted, and no financial information was stolen, the company assured.

Hackers stole League of Legends source code from Riot Games

Popular gaming company Riot Games fell victim to a social engineering attack that affected its development environment and ability to release new content and game updates. Initially, the game maker did not share any details on how and when the attack took place, but said that there’s no evidence that player data or personal information was compromised.

In an update the company has confirmed that the intruders exfiltrated the League of Legends source code and demanded a $10 million ransom to prevent the stolen information from going public, which Riot Games said it has no intention to pay. Soon after the attackers have put up for sale the League of Legends source code and Packman for a price of $1 million.


What’s next:


Application Security Weekly is a weekly review of the most important news and events in cybersecurity, privacy and compliance. We cover innovative cyber defense technologies, new hacking techniques, data breaches and evolving cyber law.
Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a Technical Question?

Our security experts will answer within
one business day. No obligations.

Have a Sales Question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential