Guardio Labs investigated a large-scale fake CAPTCHA campaign distributing Lumma info-stealer malware via an ad network. This malvertising campaign involved over 3,000 content sites and delivered over 1 million daily ad impressions, causing significant data and financial losses. The research highlighted the interconnected roles of ad networks and tracking services, with Monetag and BeMob identified as key players. This underscores the pervasive threat of malvertising and the need for stricter oversight in the digital advertising ecosystem.
Table of contents

“DeceptionAds” — Fake Captcha Driving Infostealer Infections and a Glimpse to the Dark Side of Internet Advertising
The Fake-Captcha Lumma Stealer Campaign
Ad-Networks As Enablers
Evolving From Advertising to Malvertising Captchas
Fake-Captcha’s Malvertising: End-2-End Analysis
The Ad-Network: Monetag
The Publishers: Pirated Content and Click-Baits
A Mind Game of Plausible Deniability
Responsible Disclosure
Final Thoughts