There is a huge problem with spammy push notifications that trick users into accepting push notifications by using fake media players and fake CAPTHAs that if accepted will push all manner of SPAM on victims devices that say they have multiple viruses that pull up Google play store app to some bogus Cleaner/antivirus apps.

The push notifications are hosted on Cloudfront using AdMaven and AdFly and AppNexxus.

I have been trying to report these criminals for a couple of years now with no luck.

Cloudfront refuses to take down the script that AdMaven uses and AdMaven, AdFly, AppNexxus and Proppelerads all ignore multiple attempts to contact.

I know our local Vetrans hospital has a small sleep study room for diagnosis and will supply CPAP to those in need.

It reminds me of the obnoxious talking gas pumps that play ads while you’re filling your car.

At first there used to be a “mute” button to where you could silence the crap and all the plastic was worn away from everyone mashing it trying to shut it up.

Now I no longer see any option to mute the ads.

I hate ads with a passion and won’t allow them to run on my devices. Mainly for security and privacy but the aggravation they cause is palpable.

Whenever I work on someone else’s computer and open a web browser I am in shock that people can even concentrate with all the garbage on the screen.

But uBlock origin and PiHole both do CNAME inspection to block this.

Is there other ways that ads are circumventing DNS ad-blockers such as PiHole?

But I will now for sure.

There is a huge malvertising campaign targeting mobile users (especially Android) that tricks users into accepting push notifications with fake CAPTCHAs or fake media player buttons that push malicious ads and mobile malware and can even lead to botnet activity.

The risk versus value is too high.

What’s also very interesting is that the article links to page from TrendMicro about malicious Android apps using Java’s version of SSH to infiltrate internal corporate networks.

TrendMicro’s own Android app ALSO contained the same Java SSH sdk.

A few months ago something happened over at Zerohedge.. The site became unviewable with JavaScript disabled so I stopped going to the site. But it looks like they’ve had a change of heart and can now be viewed with JavaScript disabled.

But it also seems like the content has changed from what it used to be.

Did they change ownership or is it just my imagination from taking a break from their site when it became dependent upon JavaScript?

The first 4 smartphones I ever owned all came with preinstalled malware or malware was added after a “security update”

I don’t know his exact Twitter handle but you can find him under “foone”

If someone is suspected of a crime a warrant can be issued by a judge and the suspects phone compromised under lawful control of law enforcement.

What Apple is wanting to do is pre-crime where everyone is considered suspect until proven otherwise.

Did you know that Avast has a “confidential collaborator” known as Psafe that has an antivirus/cleaner app on Google Play called DFNDR that has been tricking users into installing their bogus app through scareware popunder fake virus warnings for over 8 years straight.

The DFNDR app was funded by the Chinese Qihoo and early versions of the app used to harvest users social media data and send data to Chinese servers. DFNDR also was not forthcoming with AV-test about it’s antivirus detectction engine.

It uses Avast’s detection engine and when AV-test found out the DFNDR app was no longer included in its testing.

The app itself is filled with trackers and several advertising SDK’s which take over the users device.

I have communicated with Psafe in private emails to show them the source of the fake virus warnings so that they could be stopped. Psafe requested I not go public with my findings for 30 days which I granted.

The fake virus warnings never stopped, not even on the sites I gave Psafe as examples.

Avast for it’s part banned me for life from their forums without warning.

Look at the user reviews of the DFNDR app on the Play Store to see for yourself.

Avast is nothing bat data harvesting ad agency at this point.

The malvertising company is abusing a script found on GitHub called: “alerty” hXXps://github.com/undead2/alerty#readme

There’s not a lot of information out there about that incident.

I believe they are actually part of the fire department or under their leadership but I could be wrong.

The most important thing about the crisis response team is time and patience.

The team is trained in descalation and are able to spend hours with a person in crisis.

They will sit and listen to the person, give them rides if need be and also make contact with people even if they aren’t in crisis to build trust and reliability.

Most of the time that’s all that someone really needs is just someone that will take the time to really listen.

I will also add that there is a definite need for a police presence in my city as well.

This script also pushed ads for a fake AdBlock app that was a dropper for banking trojan apps.

Amazon refused to do anything about it.

More info:

https://forum.xda-developers.com/t/massive-mobile-advertisin...