A malvertising campaign called ‘blue-softs’ had 8100 different ads, and ‘xtaskbar-themes’ had 4300 ads. These ads appear to be legitimate but in both cases they were examples of malvertising. Once the software is downloaded and run, they deliver a malware payload.
Hackers can buy ad space just as easily as legitimate businesses. The best way to avoid falling victim is never click on an ad.
Similar malware campaigns have been seen on YouTube and LinkedIn.
You should always be cautious of software you download. I recommend testing each download through virustotal.com before opening it. It does not guarantee safety, but it can supplement your antivirus and MDR (if you’re using them). If you do download something and find it has disappeared from your downloads folder, it may be in your quarantine.
Daniel Weatherly, CISSP
Director of Security Services
Mainstream Technologies Inc.
501-801-6706
