Crafty threat actor uses ‘aged’ domains to evade security platforms

A sophisticated threat actor named ‘CashRewindo’ has been using ‘aged’ domains in global malvertising campaigns that lead to investment scam sites.

Malvertising involves the injection of malicious JavaScript code in digital ads promoted by legitimate advertising networks, taking website visitors to pages that host phishing forms, drop malware, or operate scams.

The CashRewindo malvertising campaigns are spread across Europe, North and South America, Asia, and Africa, using customized language and currency to appear legitimate to the local audience.

Source: Bleeping Computer