Revive Adserver is an open-source advertising server that allows companies to manage in-house and third-party advertisements on their websites. According to the advertising security firm Confiant, a group going by “Tag Barnakle” has been injecting malicious ads through vulnerable Revive servers. The attackers, in this case, appear to be using modified versions of advertisements already in use by the publisher, possibly to keep from raising suspicion. These new, malicious ads will then redirect visitors to pages pretending to be an Adobe Flash Player update. If the victim downloads and installs the fake Flash update, malware is installed. The Shlayer Trojan has been observed to be delivered to MacOS systems, while Windows systems have received a variety of different browser extensions, ransomware, and trojan infections.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in