"Massive Ad Fraud Campaign Sends Million of Spam Emails from Thousands of Hijacked Reputable Domains"

An ad fraud campaign uses thousands of hijacked legitimate domains and subdomains to send millions of spam emails, generating revenue for the threat actors. The "SubdoMailing" campaign distributes malicious ads to get fraudulent clicks for "Ad network" clients. The campaign, active since September 2022, involves hijacking no longer registered or abandoned domains and subdomains belonging to legitimate brands to send spam from attacker-controlled infrastructure. This article continues to discuss findings regarding the massive ad fraud campaign.

CPO Magazine reports "Massive Ad Fraud Campaign Sends Million of Spam Emails from Thousands of Hijacked Reputable Domains"

Submitted by grigby1

Submitted by Gregory Rigby on