What is the issue?
A new malvertising campaign conducted by eGobbler threat group has infected over 1.16 million ad impressions via the WebKit exploit.
More details about the malvertising campaign
This campaign, which was conducted between August 1 and September 23, 2019, specifically targeted some web applications with text areas and search forms in order to maximize the chances of hijacking keypresses.
“eGobbler’s preference for desktop platforms during this period supports their latest WebKit exploit, as the ‘onkeydown’ event is less likely to spawn organically during mobile browsing. Historic activity from the threat actor, prior to mid-June was generally targeted towards mobile devices,” researchers said.
The eGobbler threat actors were spotted using several content delivery networks (CDNs) to deliver their payloads.