This might explain some pop ups.

https://thehill.com/policy/cybersec...licious-cyber-tool-in-committing-digital

Quote
A firm focused on cybersecurity for the media industry says it has discovered that hackers are now using a tool designed to hide the fact that it includes malicious code to commit digital ad fraud.

Officials at DEVCON told The Hill on Sunday they uncovered the use of the tool -- known as a polyglot -- on Friday. They said that the use of polyglots, which are considered to be among the more technically advanced tools available for cyber criminals, points to more hackers committing digital ad fraud.

In a polyglot, users can hide malware within the code for an existing file, like an image. In a successful attack using the tool, a web browser will only load the code for what appears to be its intended purpose, allowing the malicious code to remain hidden while it carries out the attack.

For example, the hackers can manipulate the code to make it appear as if it is only an image. But when a web browser uploads the image, it is also including the malware -- a JavaScript code in this case uncovered by DEVCON -- which can then carry out an attack.



Quote
After the image appears, users can then be redirected to a pop-up offering a scam like a $1,000 gift card to Walmart.

“This all happens automatically without user interaction,” Josh Summitt, the chief technology officer at DEVCON, told The Hill. “So the user doesn’t have to click an ad or anything like that for this to happen, it will just redirect them out of the site.”

“Most users, it annoys them,” he added. “Some users actually click on these things and give up their data.”

Summitt and Louie said that once the pop-up appears, other attacks can be carried out, from cryptomining to the installation of a Remote Access Trojan (RAT), which effectively gives the hacker access to the user’s device and opens the door to future cyberattacks.

This isn’t the first time that malicious code has been hidden within images to commit ad fraud: In another exploit, known as steganography, pixels for an image will be replaced with code, causing the picture to look degraded.

But in a polyglot, Summitt said, the code is for both an image and the malware, which can hide the inclusion of the malicious code.

Remember why, specifically, the Bill of Rights was written...remember its purpose. It was written to limit the power of government over the individual.

There is no believing a liar, even when he speaks the truth.