Cyber ​​criminals serve advertisements for hacking services on corporate websites, such as the Spanish Red Cross

Madrid, June 5 (Portaltic/EP) –

cyber criminals I was able to insert advertisements for hacking services on corporate and government web pages around the world, where they used PDFs containing these offers, a campaign that would have affected Spanish Red Cross.

malicious actors It has integrated penetration service offerings In PDF documents that include official organizations’ web pages, such as communications or data forms.

These documents are linked to Third-party websites where the ads are located, which cyber criminals claim they are capable of Hacking Instagram, Facebook or Snapchat accountsand we promise other services such as achieving goals in video games using cheats and getting fake followers on social networks.

These malicious actors targeted the official websites of various state and local governments, as well as counties and universities, using .gov and .edu.

Among the organisms affected by this parasitism State Governments of California, North Carolinaand Ohio and Wyoming (USA), as well as Universities of Buckingham (UK) del Norte (Columbia), UC Berkeley, San Diego, and San Francisco.

So you would have known techcrunch, According to a researcher at Citizen Lab John Scott Railtonwhich indicates that cyber criminals will not only carry out this malicious campaign on web pages with the aforementioned domains.

According to their analysis, cybercriminals were also able to insert advertisements for hacking services on other websites, such as the corresponding advertisement of the Spanish Red Cross and on the website of Industrial companies Such as Rockwell Collins and Raytheon.

TechCrunch also suggest that since some of these offers have a publication date, they may have been available online for some time and within the reach of users who have accessed or downloaded these files.

For his part, Scott-Railton noted through his Twitter profile that cybercriminals could have exploited this “spam” for “nefarious things”. In this case, cybercriminals will only share their offerings within PDF files, though “They were able to upload PDFs with harmful content or links”, according to this researcher.

After analyzing the websites where the posts for this hacking service were placed, TechCrunch concluded that the hackers’ purpose was to make money through clicks on these offers.

In this sense, he indicated that the creators of this campaign are using open source tools to create verification pop-ups, and at that time they will generate money in background.

On the other hand, TechCrunch insisted that three of the victims of this malicious campaign — the University of Washington, the city of Johns Creek, and the Spokane Community Colleges (all from the US) — indicated that the problem was due to the CMS. KenticoCMS.