Summary

Follow on to our update on November 29, ScamClub continues to infect the ad ecosystem. We continue to see attacks coming through on-page integrations like video players and commenting widgets. Since we first detected this threat we have continued to block this threat at a high rate and based on our data this threat builds new signatures every 2-3 days.

Assessment

ScamClub is back with a new method of attack. The latest ScamClub threats have evolved to targeting on-page video integrations. We commonly see attacks coming through Connatix, Disqus, Taboola and Vidazoo (for an exhaustive list, contact your account manager or email Support@boltive.com).

Landing Page Screenshots

Malicious Tactics Used

ScamClub has been using similar tactics to what they have used in the past. Based on our observations, ScamClub has considerably reduced its redirect payloads and removed most AQV checks in order to avoid detection while significantly increasing their volume.

Affected Platforms

Display/video on desktop and mobile

Conclusion

Though some believe that the ScamClub threats have been completely thwarted in the past, ScamClub attacks will not back down from a challenge. As a threat actor, ScamClub has and will continue to evolve.

Contact the Boltive team to best prepare for attacks like these. As a client, please contact your account manager. As a prospective client, click here and our team will follow up with you.

Active Threats - Feb. 2024 - ScamClub Update

Summary

Assessment

Landing Page Screenshots

Malicious Tactics Used

Affected Platforms

Conclusion

IAPP GPS - Our Thoughts, Part 1: What Regulators Want Us To Know – Busting Common Myths

Decoding the Art of Deception: Insights from Our Boltive AI Engine

Get Your Time Back - How AI Solves your "Unknown" Tag & Cookie Problem

CG Infinity and Boltive Forge a Partnership to Enhance Data Protection

On-demand Webinar - Demystifying Digital Privacy

Prioritizing Children's Privacy: Strategies for Ethical Advertising and the Use of AI

Active Threats - Feb. 2024 - ScamClub Update

Ad Security Reimagined: Exploring Boltive's Artificial Intelligence Techniques

Case Study - Defensive Against Offensive Ads

How Best-in-Class Companies Are Preparing for 2024’s State Privacy Regulations

Companies Continue to Share Health Data Despite New Privacy Laws

Active Threats - Jan. 8-10, 2021

Active Threats - Feb. 22-24, 2021

Active Threats - Apr. 2-5, 2021

Active Threats - May 18-25, 2021

Active Threats - Jun. 16-23, 2021

Active Threats - Jul. 21-28, 2021

Active Threats - Nov. 15-22, 2021

Active Threats - Oct. 17, 2022

Risk Report - Oct. 2023

Active Threats - Nov. 29

Your Privacy, Our Priority: Boltive Privacy Guard Supports TCF v2.2 and GPP

Business Ninjas Podcast - Secure Protection for Advertisers Against Invasive Media

Boltive and Slalom Consulting Join Forces to Bolster Data Privacy: A Powerful Alliance Against Emerging Risks

Active Threats - Aug. 24th

Automating Threat Detection: How Boltive is Harnessing Artificial Intelligence to Reshape Ad Security

Forbes Article - The Privacy Prescription: Rules Restricting Health Data Use And How To Employ More Holistic Security Measures

Forbes Article - Will The U.S. Update Laws For Children's Digital Privacy?

The Current State of Ad Security

Staying Compliant in an Evolving Data Privacy World

Dan Frechtling on More Than a Refresh Presents: Digital Privacy

Dan Frechtling on Inuizi's The Data Deep Dive

Forbes Article - How Privacy Got On The Calendar

Whitepaper: Digital Advertising Unboxed

Dan on The Cyber Pro Podcast ep. 236

Dan Frechtling on That Tech Pod — "Why Aren't There Privacy Riots?

3 Strategies to Improve Ad Revenue for Publishers

Boltive CEO Dan Frechtling Joins Forbes Technology Council

Our CEO, Dan Frechtling, featured on Leadership Live podcast with Daphna Horowitz

Why Data Privacy is Being Overhauled in 2023: Dan Frechtling featured on the Security Weekly Productions podcast

Why Having a Consent Management Platform is Not Enough

Our Director of Product, Christine Desrosiers, discusses the current state of Ad Tech with Brand Safety Institute

Boltive featured in Quirk's Media

Geekwire wrote about the heartening link that brought our CEO and CFO to Boltive.

Boltive featured in Consumer Reports

The Data is In! Ad Lightning’s 2021 Q2 Malware Report

Ad Lightning’s Interview with Monetization Platform Setupad

Ad Lightning’s 2021 Guide to Blocking Bad Ads and Ensuring Ad Quality

Ad Lightning’s Q1 2021 Recap: Taking Control to Protect Brands & Customers

Ad Lightning’s New Platform Partners Help Move the Ad Quality Fight Upstream

What Ad Lightning’s Stellar NPS Score Means to Our Business & Partners

The Digital Ad Industry Set Records in 2020, but It’s Not Time to Relax

Ad Lightning’s Q4 2020 Overview of Malicious & Unwanted Ads

Ad Lightning Makes Video QA Fast and Easy to Maximize Publisher ROI

Ad Lightning’s Look at the Digital Advertising Industry in 2021

Looking Back on Ad Lightning’s 2020 State of Ad Quality Report

3 Common Malicious Tactics: A Peek Into How Malware Operates

Changes to CCPA Put Retargeting in the Regulatory Bullseye

IAPP Webinar 2022

What Is A Consent String Failure

Three Ways Online Ads Violate Privacy

Privacy Guard Overview

Privacy Guard Fact Sheet

Privacy Guard Details

Fortune 100 CCPA

Opt-outs Routinely Fail

Interest Based Ads

Why Ad Lightning Became Boltive

Part 1: Should We Prepare? An Interview with CPRA Co-author Rick Arney

Part 2: Should We Prepare? An Interview with CPRA Co-author Rick Arney (pt. 2)

The Publisher Ad Security Checklist

How Publishers Can Increase Revenue by Creating a Great Ad Experience in 2022

3 Programmatic Trends in 2022 - That Didn't Happen in 2021