A group of cybercriminals has started 28 fake advertising agencies to distribute malicious advertisements that tried to infect internet users with malware. To keep up appearances, and to make their companies look more genuine, the criminals created fake LinkedIn profiles of their nonexisting CEOs.

Fak ads

Security researchers from Confiant analyzed their behavior and named the group of cybercriminals, “Zirconium”. Criminals in the group were involved in both attracting traffic and creating malicious landing pages.


[caption id=”attachment_media-25” align=”alignnone” width=”792”]Fake agancies.png Fake agancies. Picture blog.confiant.com.[/caption]


The fake advertising agencies built up relationships with legitimate advertising platforms to purchase traffic. Traffic purchased by the group was resold to so-called affiliate platforms, like Voluum and AdSupply that are known for their, “leniency towards malicious campaigns”, according to Confiant.