Malvertising campaign tracked as “Tag Barnakle” has been behind the breach of more than 120 ad servers over the past year to sneakily inject code in an attempt to serve malicious advertisements that redirect users to rogue websites, thus exposing victims to scamware or malware.
Operators infiltrating the ad-tech ecosystem using “convincing personas” to buy space on legitimate websites for running the malicious ads, Tag Barnakle is “able to bypass this initial hurdle completely by going straight for the jugular — mass compromise of ad serving infrastructure,”
Having poisoned nearly 60-70 AD servers, The latest slew of attacks is no different, although the adversaries appear to have upgraded their tools to target mobile devices as well. Tag Barnakle is now pushing mobile targeted campaigns,
Given that Revive is used by a good number of ad platforms and media companies, Confiant pegs the reach of Tag Barnakle in the range of “tens if not hundreds of millions of devices.” an conservative estimate