Cloaked Malvertising- Unmasking Complex Fingerprinting and Evading Detection


Malvertisers have released a new wave of sophisticated strategies using an advanced cloaking technique in an intensifying digital arms race to avoid discovery. Malicious advertising that appear on well-known search engines like Google are being created by threat actors to target specific IT products, such as remote access tools and scanners, according to security researchers at Malwarebytes. Ads for legitimate-sounding domains that link to landing sites are created as part of the malvertising campaign.

These advertisements direct visitors to landing sites that employ advanced fingerprinting to identify and weed out prospective security researchers or virtual machines.x000D To make sure that the victim is not a researcher or utilizing a virtual machine, these pages apply many levels of checks, such as server-side IP checks and client-side fingerprinting.

Read More…