U.S. Cracks Down on Kaspersky, AdsExhaust Malware Targets Meta Quest Users: Your Cybersecurity Roundup


U.S. Cracks Down on Kaspersky, Cites National Security Risks

The U.S. Department of Commerce has enacted a comprehensive ban on Kaspersky Lab’s security software, citing national security concerns. Effective July 20, 2024, this decision stems from apprehension that the Russian government could exploit Kaspersky’s access to sensitive U.S. information through its widely used antivirus and cybersecurity products.

The ban prohibits the sale of new Kaspersky software to American consumers and businesses and restricts the company from providing updates to existing customers after September 29. This move has far-reaching implications for Kaspersky and its vast customer base, including over 400 million users and 240,000 corporate clients globally.

While Kaspersky has vehemently denied any wrongdoing and maintains its commitment to transparency and trustworthiness, the U.S. government remains unconvinced. This decision follows years of scrutiny and previous restrictions on Kaspersky products within federal networks, further fueled by allegations of the company’s involvement in espionage activities.

Malicious AdsExhaust Malware Targets Meta Quest Users via Fake Websites and Search Engine Poisoning

Cybersecurity researchers have uncovered a deceptive campaign targeting individuals searching for the Meta Quest (formerly Oculus) app for Windows. Leveraging search engine optimization (SEO) poisoning techniques, threat actors are promoting fake websites that mimic the official Meta Quest website. Unsuspecting users are then tricked into downloading a ZIP archive that contains a malicious batch script.

Once executed, this script triggers a chain reaction, ultimately leading to the installation of the AdsExhaust adware. This malicious software monitors user activity, simulates clicks, and redirects browsers to generate fraudulent ad revenue for its operators. Furthermore, AdsExhaust is capable of capturing screenshots and exfiltrating sensitive data from infected devices, posing a significant privacy risk.

This campaign is not an isolated incident, as similar tactics have been observed in other recent attacks, including those delivering the Hijack Loader and Adwind malware. These incidents highlight the growing sophistication of social engineering techniques employed by cybercriminals to deceive users and install malicious software.

Car Dealer Software Provider CDK Global Suffers Second Cyberattack

CDK Global, a leading provider of software solutions for car dealerships, has been hit by a second cyberattack while still recovering from a previous incident. The initial attack prompted the company to take parts of its infrastructure offline. While some services were briefly restored, a subsequent attack forced the company to shut down most systems again, leaving many major car dealerships in the United States paralyzed.

The second attack occurred late in the evening on June 19th, and CDK Global is currently assessing the extent of the damage with the help of external experts. The company has not provided a timeline for when systems will be fully restored, leaving dealerships scrambling to find alternative ways to manage sales and service operations.