#Kaspersky researchers have identified over a thousand inactive domains that refer visitors to unwanted internet addresses for profit.
According to Kaspersky's description, Kaspersky researchers who gathered information about one of the helper applications for popular online games determined that this application attempted to redirect to an unwanted URL.
When they deepened the research, it turned out that this URL was offered for sale on an auction site.
Instead of directing visitors to the offer site, the address was redirecting to another blacklisted page.
Kaspersky's research shows that nearly a thousand different websites sold on various auction platforms have similar behavior.
The thousand pages in question direct visitors to more than 2,500 websites.
Many of these sites focus on downloading the Trojan horse called Shlayer, a common macOS threat that installs unwanted adware on devices and is distributed by malicious web pages.
While 89 percent of the redirects detected between March 2019 and February 2020 went to the pages related to advertising, 11 percent redirected to malware.
Users were often asked to install malware or download infected MS Office or PDF documents, while sometimes the page itself contained malicious code.
According to experts, the ambition lies behind this multi-layered plan.
Cyber fraudsters use illegal illegal advertising pages with this method. traffic earns income by directing.
The researchers found that one of the malicious pages in question received an average of 600 referrals in ten days.
These referrals are reflected in cybercriminals as a commission.
They are also paid for threats like Shlayer, per setup they point to cyber criminals.
"A comprehensive security solution should be used "
Kaspersky Junior Malware Analyst Dmitry Kondratyev, whose comments were included in the statement, noted that there are very few things users can do to avoid being directed to a malicious page:
"Domains with these redirects were perhaps reliable sources that have visited frequently in the past. There is no way to know if they have now transferred visitors to pages downloading malware. In addition, whether you come across a malicious site depends on the situation. You are accessing from nothing happens.
Then you are trying to access with VPN, redirects to a page that downloads Shlayer. Such ad-focused attack methods are often complex, making it difficult to fully expose them. That's why your best defense is to have a comprehensive security solution on your device. "