A Malvertiser called “RoughTed” Successfully Bypass the Ad-Blockers and Delivery Malicious Payloads into the visitors Operating Systems and Browsers which is used to visit the “RoughTed” Malvertiser Contain websites.
RoughTed used to Generate a huge amount of traffic by Bypass the Ad-Blockers and it contains many malicious Payloads to inject into visitors host.
RoughTed related domains used to generate half a billion hits and many successful Compromises has been identified within 3 months and Traffic comes from thousands of publishers, some ranked in Alexa’s top 500 websites by Malwarebytes Research Team.
Malvertiser Using Content Delivery Network (CDN)(Distributed network of proxy servers) to Bypass the tracking and multiple ad redirections from several ad exchanges which makes more difficult to identify the source of their malvertising activity.This malvertising campaign traffic generated by displaying ads in more than 1000 of Websites and it redirect into a Malicious site that contains Malicious Payloads to distribute across the visitors Operating Systems and Browsers.
According to Malwarebytes Researchers, a Domain Called roughted[.]com performing a redirection chain by using “Magnitude exploit kit via its pre-filtering gate”.
roughted.com/?&tid=645131&red=1&abt=0&v=1.10.59.18
The majority of the Malicious Domain which is used by Malvertiser has been created via the EvoPlus registrar.
These domains are used by Malvertiser as a gateway used to bypass ad-blockers.
Afer few Days research was done by malwarebytes team, they find few more same URL structure which is same as roughted[.]com structure which I Mentioned above.
Image source: Malwarebytes
Publisher providers of content (news, media files, etc.) which drive people to visit them regularly and paid to the Registered user who all are willing to advertise the ads in their Website.
There are top some top Ranking Publishers are being used for the RoughTed battle originates from gushing video or record sharing locales intently entwined with URL shorteners.
Visitors to these sites are targeted with ads and in some cases, some that belong to the RoughTed campaign. Malwarebytes said
These Domains are ranking in below 1000 in Alexa Record.
you can Visit Malwarebytes for full Technical Writeup.
Android Application Penetration Testing Part – 4
Security researchers have published a Proof-of-Concept (PoC) exploit for a critical vulnerability in the widely used PuTTY SSH and Telnet…
Modern cars have microcontrollers that use the Controller Area Network (CAN) to perform safety and luxury functions. However, vehicle hijacking…
The latest Nexusguard DDoS Trend Report for 2024 has unveiled a significant escalation in the size of Distributed Denial of…
Researchers have identified a new form of cyberattack termed "LLMjacking," which exploits stolen cloud credentials to hijack cloud-hosted large language…
In a recent cybersecurity breakthrough, researchers have unveiled significant updates to the HijackLoader malware, a sophisticated modular loader notorious for…
The North Korean hacking group known as Kimsuky has been reported to employ sophisticated methods involving social media platforms and…