Experts have discovered a dangerous scam targeting Meta Quest users that everyone should be aware of. A fake Meta Quest website, called oculus-app[.]com, has been identified by researchers from eSentire. This website appears to be identical to the real one and allows users to download the Meta Quest app, but it is actually bundled with malware.
The fake site has managed to rank high on search engines using various SEO poisoning techniques. This increases the likelihood that users searching for Meta Quest will unknowingly end up on the malicious site. Once the app is downloaded and the installer is run, a Windows batch script is also installed. This script fetches a second batch script from a command-and-control (C2) server, which then retrieves a final batch file.
The malware, known as AdsExhaust, primarily generates revenue for its operators by displaying ads. It checks if Microsoft’s Edge browser is running and if the user has been idle for nine minutes. If so, it will open new tabs, visit specific URLs, scroll through pages randomly, and inject clicks. Additionally, AdsExhaust can take screenshots and simulate keystrokes, allowing it to interact with browsers and generate revenue through ad clicks.
What makes AdsExhaust particularly dangerous is its ability to hide its activities. If it detects mouse movements, indicating that a user is present, it will close the browser and create an overlay to conceal its actions. This adware threat is skilled at manipulating user interactions and remaining undetected while engaging in harmful activities.
It is crucial for Meta Quest users to be cautious when downloading the app and to ensure they are using the official website. By staying informed about potential scams and malware threats, users can protect themselves and their devices from malicious actors.
In addition to being vigilant about online security, users can also benefit from installing reputable antivirus software and keeping their devices up to date with the latest security patches. By taking these precautions, users can reduce the risk of falling victim to scams and malware attacks.
By staying informed and proactive about cybersecurity, users can enjoy a safe and secure online experience while using Meta Quest and other digital platforms. It is essential to remain cautious and to verify the authenticity of websites and apps before downloading any software to protect against potential threats.
