Vulnerable CMS and digital advertising enable proliferation of malvertising across compromised brand websites. To get the details, check out the full report.
Download MudOrange Report 2023-02
Originally using adult sites as a playground, malicious actors have cast a wider net, reaping havoc across the internet by showing fake software updates and advertising compromised software such as malicious browser extensions to everyone they can. This threat mainly lives in low quality or malicious Blogger pages behind bogus VPN and click-bait creatives, affecting those who wander in. However, this threat is making its way into legitimate but vulnerable websites, most of which have been WordPress sites. Although it tries to avoid automated browsers and scanners, it does not discriminate against its users based on device or operating system. We have seen this threat affect Windows, Android, Mac, iPhone, Chrome, Firefox, etc.