"The service, referred to as 1Campaign, provides hackers with a one-stop-shop for running malicious ads and enabling fraud "at scale," a recent report by cybersecurity company Varonis uncovered. Using just a single dashboard, hackers can cloak malicious content from security researchers, ad platform reviewers, and automated scanners - who instead see a benign white page - and target general users with phishing or scam attempts."
"On top of standard cloaking tools, 1Campaign also offers bad actors real-time analytics, visitor profiling, fraud scoring, and traffic blocking options that can configure content for known security vendors, data centers, and VPNs in order to get around detection. The tool logs IP addresses, geographic locations, company information or ISP, device type, security flags, and assigns each visitor a "fraud score.""
"1Campaign was developed by a hacker known as "DuppyMeister," and it's been on the cybercriminal market for the last three years. The developer runs support for the service through secret Telegram channels, and Varonis' Threat Lab found that the tool has an extremely high success rate at interrupting traditional detection methods."
Security researchers discovered 1Campaign, a malvertising service that allows hackers to execute sophisticated fraud campaigns by cloaking malicious content from security systems and ad platform reviewers. The platform provides a single dashboard interface where bad actors can hide phishing and scam attempts while appearing as benign content to automated scanners. Beyond basic cloaking, 1Campaign offers real-time analytics, visitor profiling, fraud scoring, and traffic blocking capabilities designed to evade detection by security vendors, data centers, and VPNs. The tool collects extensive visitor data including IP addresses, geographic locations, device types, and security flags to assign fraud scores and deliver targeted malicious content. Developed by a hacker known as DuppyMeister, the service has operated on the cybercriminal market for three years with support provided through secret Telegram channels.
Read at Mashable
Unable to calculate read time
Collection
[
|
...
]