Skip to main content

HUMAN: THE VASTFLUX TAKEDOWN - SYNDICATED BY IAIN FRASER CYBERSECURITY JOURNALIST

HUMAN: THE VASTFLUX TAKEDOWN
Syndicated By Iain Fraser - Cybersecurity Journalist
via www.iainfraser.net

Any good raconteur will tell you the best stories often happen when you’re not specifically looking for them. Such is the case with the Satori Threat Intelligence and Research Team’s latest takedown of a scheme we’ve dubbed VASTFLUX. The team came across unexpected web traffic patterns passing through a popular app, and while digging through that app, the Satori team uncovered a rabbit hole that got deeper and deeper the more they explored.

What the team pieced together was an expansive malvertising operation in which the bad actors injected JavaScript into ad creatives they issued, and then stacked a whole bunch of video players on top of one another, getting paid for all of the ads when none of them were visible to the person using the device.

The now-defunct VASTFLUX is an apparent adaptation of an earlier ad fraud scheme first reported in 2020. VASTFLUX evaded ad verification tags, deploying code that prevented detection of the scheme.

VASTFLUX was a very sophisticated scheme, exploiting the restricted in-app environments that run ads, particularly on iOS. More than 1,700 apps and 120 publishers were spoofed in the course of the operation, reaching a peak volume of 12 billion ad requests a day and impacting nearly 11 million devices.

VASTFLUX’s sophistication underscores a crucial element of collective protection: the more we in the industry work together, the harder cybercriminals will have to work to make any particular scheme stick for a meaningful amount of time. To that end, VASTFLUX was dismantled through the private collaborative efforts of HUMAN, its customers, and members of the Human Collective. The Satori team will continue to track the bad actors behind the scheme and watch for new schemes like VASTFLUX, and will share further information about the bad actors with the appropriate authorities. Learn More /...






Labels:
Location: Gibraltar

Comments

Post a Comment

Popular posts from this blog

CYBER BREACH: Data Breach Exposed Thousands of Pet Medical Records Including Owner Information

Tuesday, 5th December 2023 CYBER BREACH: Data Breach Exposed Thousands of Pet Medical Records Including Owner Information By Jeremiah Fowler - Website Planet  Syndicated By IainFraser.net/CYBER_Voice Daily Cyber Insights  Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to WebsitePlanet about a non-password protected database that contained over 56,000 records, including pet medical reports, DNA tests, pedigree history and other potentially sensitive information. As a long-time cyber security researcher, this is one of the most interesting discoveries I have ever encountered and a first for me.  I recently discovered a non-password protected database that contained records of thousands of dogs from around the world and included the information of their human owners. The publicly exposed cloud storage database contained a total of 56,624 documents in .PDF, .png, and .jpg formats with a total size of 25 GB. Upon further investigation, the database appeared...
Post a Comment
Learn More »

CYBERSECURITY NEWS: ECSO Launches its latest ground-breaking initiative CYBERHive

28th November 2023  CYBERSECURITY NEWS: ECSO Launches its latest ground-breaking initiative CYBERHive  Syndicated By: Iain Fraser/ Cyber PR Wire via IainFRASER.net/ CyberPRWire ECSO is delighted to announce the launch of its new, ground-breaking initiative: Cyberhive EUROPE. Cyberhive is the first-ever European marketplace co-created with- and for the European cybersecurity ecosystem, and will offer global accessibility to all Europe-headquartered cybersecurity solution providers, while also being freely accessible to end-users worldwide. Through the Cyberhive, ECSO will connect market players, promote European-made products, and ultimately strengthen the European cybersecurity market as a whole. To learn more about the Cyberhive, read below.  The second Annual CISO Meetup, organised by ECSO, starts today! Over 150 CISOs are joining us in Florence from all over Europe to engage in high-level discussions on critical cybersecurity topics. Read more below. Learn More /... ...
Post a Comment
Learn More »

CYBERSECURITY NEWS: EUROPOL- International collaboration leads to dismantlement of ransomware group

28th November 2023  CYBERSECURITY NEWS: EUROPOL - International collaboration leads to dismantlement of ransomware group in Ukraine amidst ongoing war  Syndicated By: Iain Fraser/ Cyber PR Wire via IainFRASER.net/ CyberPRWire The ransomware gang is behind high-profile attacks that created losses of hundreds of millions of euros.  In an unprecedented effort, law enforcement and judicial authorities from seven countries have joined forces with Europol and Eurojust to dismantle and apprehend in Ukraine key figures behind significant ransomware operations wreaking havoc across the world.  The operation comes at a critical time, as the country grapples with the challenges of Russia’s military aggression against its territory. On 21 November, 30 properties were searched in the regions of Kyiv, Cherkasy, Rivne and Vinnytsia, resulting in the arrest of the 32-year-old ringleader. Four of the ringleader's most active accomplices were also detained. Learn More /... About EUROP...
Post a Comment
Learn More »