Hacking Group Targets Companies Using Revive Ad Serving Platform

By SiliconANGLE

15 August 2020

A hacking group is targeting companies using the self-hosted ad serving platform Revive to inject and deliver malicious advertising to website visitors.

In an attack detailed today by security researcher Eliya Stein from Confiant Inc., the ad servers are being targeted by a group dubbed Tag BarnacleRevive Adserver is a popular open-source ad serving platform for those who don’t wish to use hosted services from the likes of Google LLC.

Tag Barnacle is attacking Revive installations through the injection of an obfuscated Javascript payload that gives it the ability to hijack and display its own ads. Those ads are typically for sites offering malware such as fraudulent Adobe Flash updates.

Eliya Stein discovered 60 compromised Revive ad servers serving about 360 websites. That’s not a particularly large number, but one of the compromised ad servers was found to have served 1.25 million malicious ad impressions in a single day. Those using Revive are often small online advertising companies that may not be aware they have been breached.

Read Complete Article: