A sneaky, wide-scale IAB operation uses a malicious traffic distribution system (TDS) to redirect visitors of trusted websites to ones that deliver malware.
Originally published at darkreading.com
SecurityAI-assisted1 min read
DriveSurge Hijacks Thousands of Sites for ClickFix, FakeUpdate Attacks
DriveSurge, a large-scale initial access broker (IAB) operation, is leveraging a malicious traffic distribution system (TDS) to compromise thousands of legitimate websites. The campaign redirects unsuspecting visitors from trusted sites to malicious destinations that deploy ClickFix and FakeUpdate malware attacks, representing a significant supply chain security threat.
▸ Want a deeper look?
Talk to an architect about applying this to your stack.
60-minute technical evaluation, no obligation. We'll map the ideas in this article to your environment.
