Massive AdSense Fraud Campaign Uncovered - 10,000+ WordPress Sites Infected

2023-02-14 16:51

The threat actors behind the black hat redirect malware campaign have scaled up their campaign to use more than 70 bogus domains mimicking URL shorteners and infected over 10,800 websites.

"The main objective is still ad fraud by artificially increasing traffic to pages which contain the AdSense ID which contain Google ads for revenue generation," Sucuri researcher Ben Martin said in a report published last week.

The campaign, which is said to have been active since September last year, is orchestrated to redirect visitors to compromised WordPress sites to fake Q&A portals.

What makes the latest campaign significant is the use of Bing search result links and Twitter's link shortener service, along with Google, in their redirects, indicating an expansion of the threat actor's footprint.

Sucuri said the redirects landed on Q&A sites discussing blockchain and cryptocurrency, with the URL domains now hosted on DDoS-Guard, a Russian internet infrastructure provider which has come under the scanner for providing bulletproof hosting services.

"Unwanted redirects via fake short URL to fake Q&A sites result in inflated ad views/clicks and therefore inflated revenue for whomever is behind this campaign," Martin explained.

News URL

https://thehackernews.com/2023/02/massive-adsense-fraud-campaign.html

#fraud #wordpress

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Wordpress		7	2	95	44	18	159