Researchers at ESET have discovered a new malicious campaign where threat actors are advertising sites that distribute data-stealing malware. In this campaign, legitimate sites are Microsoft Store, Spotify, etc. Users are being lured into opening the websites and install the application to have the purpose served but installing the malware behind.
Distributing Ficker Malware Through Advertising
As stealing credentials can help fraudsters exploit more resources, they’re always in a state of crafting new plans to obtain them. One such plan was discovered by ESET researchers, who warned about a campaign where the threat actors are advertising malware disguised as legitimate applications.
#BREAKING Beware of active infostealer campaign mimicking Microsoft Windows Store, Spotify and FreePdfConvert apps targeting countries in South America ????????????????????????. #ESETresearch @jiriatvirlab 1/3 pic.twitter.com/bizy5ie3GQ — ESET research (@ESETresearch) April 19, 2021
