Posts in ad fraud
SC Media: Malvertising attacks using polyglot images spotted in the wild

The malvertising space may be seeing an influx of more advanced threat actors according one research report that found polyglot images now being used to disguise malvertising attacks.

Polyglot images, which differ from their near cousins steganographic images primarily by not needing an external script to extract the payload, have been spotted in the wild.

Read More
The Daily Swig: Malvertising fiends using polyglot exploits in real-world attacks

Cybercriminals have started using so-called ‘polyglot images’ to disguise malvertising attacks.

Polyglot exploits center around malicious payload files that can be interpreted as either an image or a piece of JavaScript.

The tactic – spotted in the wild by researchers at ad fraud prevention firm Devcon – has been adopted by a group hoping to pass off malicious JavaScript as artwork.

Read More