| SYMBOL | COMMON_NAME | aka. SYNONYMS |
Phlox Tempest is a threat actor responsible for a large-scale click fraud campaign targeting users through YouTube comments and malicious ads. They use ChromeLoader to infect victims' computers with malware, often delivered as ISO image files that victims are tricked into downloading. The attackers aim to profit from clicks generated by malicious browser extensions or node-WebKit installed on the victim's device. Microsoft and other cybersecurity organizations have issued warnings about this ongoing and prevalent campaign.
There are currently no families associated with this actor.
| 2022-09-17
⋅
Twitter (@MsftSecIntel)
⋅
Tweet on click fraud activity DEV-0796 Phlox Tempest |