Hackers use a clever Microsoft Edge malvertising scam

If you’re still using Microsoft Edge, beware – a new malvertising campaign has just been discovered and if you fall victim to it, your PC could be at risk.

According to Malwarebytes, the attackers are abusing Microsoft Edge’s newsfeed feature to target their victims. Here’s what we know about this clever new scam.


Malvertising refers to inserting malware into advertisements and that is exactly what is happening with this latest Microsoft Edge scam. The operation, first discovered by Malwarebytes’ threat intelligence team, appears to have started at least two months ago, if not longer. It’s hard to estimate how many people have fallen for the trick so far.

The campaign is running on a large scale. The attackers allegedly rotate through hundreds of different ondigitalocean.app subdomains per day, and each of these subdomains hosts a scam website aimed at unsuspecting Edge users.
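For defenders, the subdomain rotation described above shows up in web proxy logs as a burst of never-before-seen ondigitalocean.app hosts. The following Python is an added example, not code from Malwarebytes or the original article; the log format, sample lines and threshold are constructed assumptions, and the log is assumed to be in chronological order.

```python
from collections import defaultdict
from urllib.parse import urlsplit

SUFFIX = ".ondigitalocean.app"  # hosting suffix named in the article

# Constructed proxy log lines (not real traffic): "<timestamp> <client> <url>"
SAMPLE_LOG = """\
2024-01-01T09:00:01 10.0.0.5 https://team-wiki.ondigitalocean.app/home
2024-01-02T09:10:00 10.0.0.5 https://team-wiki.ondigitalocean.app/home
2024-01-02T10:01:12 10.0.0.7 https://example-aaa11.ondigitalocean.app/index.html
2024-01-02T10:40:03 10.0.0.9 https://EXAMPLE-bbb22.ondigitalocean.app/index.html
2024-01-02T11:15:44 10.0.0.4 https://example-ccc33.ondigitalocean.app/index.html
2024-01-02T11:20:00 10.0.0.4 https://ondigitalocean.app.example.test/login
2024-01-02T11:21:00 malformed line
"""

def app_host(url):
    """Return the lowercased host if it is a subdomain of SUFFIX, else None."""
    # Match on the parsed hostname, not the raw URL string, so lookalikes such
    # as ondigitalocean.app.example.test are not counted.
    host = (urlsplit(url).hostname or "").rstrip(".")
    return host if host.endswith(SUFFIX) else None

def first_seen(log_text):
    """Map each matching host to (first day seen, clients that hit it that day)."""
    seen = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip records that do not fit the assumed format
        stamp, client, url = parts
        host = app_host(url)
        if host is None:
            continue
        day = stamp[:10]
        if host not in seen:
            seen[host] = (day, {client})
        elif seen[host][0] == day:
            seen[host][1].add(client)
    return seen

def churn_by_day(log_text, threshold=3):
    """Return {day: new hosts} for days with at least `threshold` first-seen hosts."""
    # threshold=3 only suits the constructed sample; tune it to your own baseline.
    per_day = defaultdict(list)
    for host, (day, _clients) in first_seen(log_text).items():
        per_day[day].append(host)
    return {d: sorted(h) for d, h in per_day.items() if len(h) >= threshold}
```

Legitimate applications are also hosted under this suffix, so a flagged day is a lead for review rather than a verdict.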

The threat actors insert attention-grabbing ads in the Microsoft Edge news feed. When a user is tempted to read the article, their browser is checked for a number of things, such as its location and time zone.

It seems that not all users are considered “worthwhile” enough to proceed with the scam. If the user’s browser doesn’t meet the attacker’s requirements, they’ll be redirected to a bait page and nothing further happens. However, if the user ticks all the boxes, they will be redirected to a deceptive landing page.

Assuming that the user makes it to the scam’s landing page, it follows a well-known pattern used by many threat actors in the past. The landing page tells the user that Windows Defender Security Center found a Trojan horse virus and blocked the computer for security reasons. They are then given a (supposedly toll-free) phone number to dial to unlock their computer.

Malwarebytes has not specified what will happen if you call the phone number listed, but the way this scam usually works is for the scammers to gain remote control of your computer and lock it until they get paid. This often appears legitimate and is presented not so much as blackmail but as a “payment to fix this technical problem for you.” Users may also be offered a longer-term technical support contract.


Microsoft Edge is the default browser for Windows users and, similar to its (now-deprecated) older brother Internet Explorer, it is primarily used to download another browser. Statcounter puts Edge’s market share at 4.3%, making it a small fish in a large pond, largely dominated by the Google Chrome shark (65.52%). It sometimes trades blows with Mozilla Firefox, which currently has a 3.16% market share.

If you’re using Microsoft Edge and want to avoid problems, it’s best to ignore the newsfeed altogether for now and just go directly to a reputable news site to keep up to date.
