Confiant Threat Intelligence Team • 1 minute read
Threat Intelligence Red Button Security Alert: DCCBoost Attacks
Forced redirect Scareware by DCCBoost
Confiant alerts our customers whenever significant, widespread malvertising attacks occur in the digital advertising ecosystem. In this case, on March 13, 2023 the Confiant threat intelligence team notified clients of an attack by the threat actor we call DCCBoost.
Confiant's threat intelligence team has identified that threat actor DCCBoost is currently serving malicious ads through several sources.
Attack Information
DCCBoost is currently running a forced redirect scareware campaign, targeting the US, Canada and Europe on desktop environments. DCCBoost has been using fake McAfee scareware attacks since late 2021, after a long time spent targeting mobile devices. The current campaign is especially active on DSP StackAdapt but it is also present on BuckSense. DCCBoost has had some presence on both DSPs since July 2022 and this January was very active on BuckSense via Bidswitch. The current campaign uses some additional ways to stay undetected, waiting 5 seconds before activating, and only redirecting on user interaction (scrolling, clicking, key press anywhere on the page).
When:
Over the last 2 weeks with growing activity this week.
How:
SSPs Impacted:
- YieldMo
- TrustX
- Bidswitch / Criteo
- GumGum
- Yahoo
- Index
DSPs impacted:
- BuckSense
- SmartyAds
- StackAdapt
Where:
- Geographies: United States (52%), Canada (22%), Germany (15%), United Kingdom (10%), Other (1%)
- Targeting: Desktop - Windows (88%), Mac (12%)
- Reach: Less than 0.5% of impressions in targeted geographies
Confiant also includes simple step-by-step instructions for our customers on how to protect their sites from this and other similar attacks in every alert, as well as screenshots where available.
Confiant's ad verification solutions and threat intelligence security attack alerts help defend the digital ad industry by enabling publishers and ad platforms to take back control of the ad experience from threat actors to protect their users. Our solutions protect reputation, revenue, and resources through real-time verification of digital advertisements.
Confiant's technology actively blocks and detects malicious activity, privacy infringements, and low-quality ads. By providing industry-leading protection against malvertising, disruptive ads, and privacy risks Confiant empowers premium ad platforms and publishers with actionable data to ensure the digital ad ecosystem is safe and secure for everyone.
Not part of the Confiant customer community yet? Request a free trial today.