Threat Watch

German Windows 10 Users Experiencing Malvertising Campaign

Multiple Windows 10 users have reported instances where their browser has brought up prompts for sweepstakes, surveys, prize wheels, and security threats. It seems as if the prompts were happening through in-app ads when users were operating on Microsoft News, Microsoft Jigsaw, and other Microsoft apps that support advertising. Fake system alerts appear on the user’s screen warning them that their browser is infected, and if they click on the prompt, a faulty system cleaner program is suggested for the user to download. In other prompts where users were alerted of winning a prize, they were asked to complete a survey in which personal data would be asked for or malware would be downloaded. The issue is that the fake in-app ads are not being caught by ad blockers. Because the ad blocker recognizes these apps as a normal script since they are launched by Windows 10, they are not picked up on. Similar campaigns have been seen in the past and Microsoft has attempted to mitigate the issue with their Windows Defender policy.

ANALYST NOTES

Until a definitive answer to the problem is given, users must rely on security software or browser filtering services that could alert them of a malicious site. If a prompt is brought up on the user’s screen, they should immediately close it, which should deter the issue for the time being.