nother set of fake banking apps has found its way into the official Google Play…
In this particular campaign, fraudsters used the cloaking method, usually this technique helps to bypass the Google, Bing and other search engines checks.
A researcher who discovered fake ads immediately reported a Google problem. However, it didn’t wait for action – the fraudulent ad continued to surface in the search results of the Internet giant.
After analyzing this malicious campaign, the researcher concluded that fake eBay ads were not shown to all users, and only at certain times of the day. The specialist noted that the ad “preferred” US IP addresses, appearing on the second and fourth search pages.
At the bottom of the ad was a link that supposedly should lead to www.ebay.com. Below is an example of fake ads:
When clicking on this ad, the user got on a whole series of redirects, which eventually resulted in freefixes13.azurewebsites.net. This site is still functioning, you should not visit it.
On the malicious site, the user was shown that Microsoft detected a malicious program and blocked the computer. You can see the diagram below on the video below:
Kabatibly.co.in is a domain that tries to force you into clik to its browser notifications…
Reditarcet.co.in is a site that tries to force you into subscribing to its browser notifications…
Everestpeak.top is a domain that tries to trick you into subscribing to its browser notifications…
Firm-jawed.yachts is a domain that tries to trick you into subscribing to its browser notifications…
Anapurnatop.top is a domain that tries to trick you into subscribing to its browser notifications…
Boomira.com is a domain that tries to force you into clik to its browser notifications…