A cybersecurity company has uncovered a massive malvertising campaign that is hitting all over the world. In their advertisements, hackers promise unreal returns on investment.
Confiant, a cybersecurity company, has uncovered a very elaborate online scam. Cybercriminals have been preparing their coup for a very long time. To execute their plan, they use domains purchased sometimes fourteen years ago.
To read – Microsoft warns of a gigantic security breach that infects a million connected objects
According to analysts, the CashRewindo campaign is extremely complex and well-designed. It strikes everywhere in the world, but targets a very specific category of Internet users. To do this, hackers place malicious advertisements on legitimate sites. If a visitor clicks on one of them, the code in JavaScript is able to determine whether it is a wanted target or not. If the latter does not meet the criteria for selecting hackers, it will be redirected to a harmless page. If, on the other hand, it is a designated target, it will be taken to a cryptocurrency investment site promising huge profits.
Hackers change the content of their fake sites depending on the country and the context
These sites are hosted on old domains purchased sometimes fourteen years ago. Being inactive for so many years has earned them a good reputation in the eyes of search engines. Since they have never had any suspicious activity for a long time, security platforms consider them harmless. The investments offered on these platforms are obviously pure scams. Don’t count on recovering a single pennyif, by misfortune, you transferred money to them.
To read – He thinks he invests €90,000 in cryptocurrency and loses his life savings
According to the experts, the CashRewindo campaign is a clever cocktail of patience and meticulousness. In addition to preparing their coup since 2008, hackers took care to translate their fake sites of investment in several languages, in order to adapt their “pitch” according to the operating system of their victims. This allows them to target Internet users from all over the world, whether they are in Europe, America, Africa or Asia. Not less than 487 fraudulent sites would have been created. CashRewindo targets Windows computers at 75%, with devices running Android forming the second contingent of victims, at 14%.
Source : Confident
