GoKawiilIn a startling revelation, thousands of websites belonging to US government agencies, prominent universities, and professional organizations have been hijacked. Malicious players have exploited these compromised websites to promote fraudulent offers and schemes, most of which target teenagers by offering fictitious rewards in popular online games such as Fortnite and Roblox.
These scams aim to deceive youngsters, who end up downloading malicious apps or malware, thereby compromising their personal information.
Security researcher Zach Edwards has been closely monitoring these scams for more than three years. Edwards, a senior manager of threat insights at Human Security, has identified several compromised domains, including .gov, .org, and .edu websites too.
This group is what I would consider to be the number one group at bulk compromising infrastructure across the internet and hosting scams on it and other types of exploits. Zach Edwards
The Bold Attack Mechanism Of Online Miscreants
The extensive nature of these ongoing threats, along with the bold attitude of the malicious players, makes them different from other online attacks. The attack mechanism used by the scammers remains consistent across different compromised websites.
The documents contained keywords relevant to the respective subjects, which ranked them on search engines and thereby attracted clicks.
The cybercriminals exploited the vulnerabilities in the content management system or the website’s backend, uploading malicious PDF files termed “poison PDFs.”
They designed these files purposely to appear in search engine results. This entices children with offers like free Fortnite skins, Roblox’s in-game currency generators, or access to popular films.
Once a person clicks on these links within these poison PDFs, a link within these poison PDFs is initiated. This eventually leads the kids to the landing pages of the scam. Edward pointed out that there are several landing pages particularly designed to target children.
... continue reading