So I had Texags up, and I wasn't at my computer, but I came back and noticed that file had downloaded automatically caled DriverUpdate.exe from this link: http://download.driverupdateplus.com/camp/DriverUpdate.exe

This was on August 11th, and today. Additionally, earlier, I had one of the following hijack my browser.

https://navistmedia.com/out?out=https%3A%2F%2Fvictustraffic.com%2F%3Fpid%3D8%26sid%3Dstream%26kw%3Dbuy%26f%3Dclick%26bu%3Dhttps%253A%252F%252Fnavistmedia.com%252Fclick.php%253Fkey%253Dyvjej401yxqsnx7c22hl%2526t1%253Dzone%2526t2%253Dstream%2526t3%253Dsubzone%2526cost%253Dusdcost

https://dynamic2pixel.com/click?node=4&time=1534376700&id=31&pid=8&fid=8&sid=13342&rank=0&ad=eyJ0aXRsZSI6IkMxIiwidXJsIjoiQWxpRXhwcmVzcy5jb20ifQ%3D%3D

http://mediatrackingapi.com/Bb.php?q1=LXDotOP3ZefuTOUuNCyX2ArgPIsWJfCbSgoRSgrdPKo,&eps=LsfhqKGkW5NLYw0VWcpIdY5D46r_Yh_mAV-wQZy_kncrHINHRVDIXySEhGUY0c7LygA-E4XwG9bLzh83_NqA0A,,&bid=0.031

I also had a facebook tab and netflix tab open at the time. I'm on Windows 7, running chrome.

Thanks for the update. I'll investigate ads that potentially navigated your browser to one of those urls. I don't think we'd be the culprit for the DriverUpdate.exe download. This is some type of malware that is quickly spreading right now. I've seen reports of it from Google and Facebook. Regardless, I'll investigate further.

I keep getting the driverupdate.exe file automatically downloading as well. On Chrome if that helps.

I'm on chrome as well. Maybe I'll open up a bunch of texags tabs today when I go to the gym and see what happens.

So the Texags tab I had open redirected to here:

https://navistmedia.com/out?out=https%3A%2F%2Fvictustraffic.com%2F%3Fpid%3D8%26sid%3Dstream%26kw%3Dbuy%26f%3Dclick%26bu%3Dhttps%253A%252F%252Fnavistmedia.com%252Fclick.php%253Fkey%253Dyvjej401yxqsnx7c22hl%2526t1%253Dzone%2526t2%253Dstream%2526t3%253Dsubzone%2526cost%253Dusdcost

Which then went to here:
https://dynamic2pixel.com/click?node=4&time=1535337600&id=3&pid=8&fid=8&sid=13342&rank=0&ad=eyJ0aXRsZSI6IiIsInVybCI6IiJ9

And then here:
https://softwarehomestore.com/campaign/greythan3/?ID=acsh18tc&sub=acsh18tc&subid=1806371-3979200730-0&S2=15353376001655051923087444743314001&SUTM=321387

At the same time I had tab open for slickdeals and slack. So it's either slick deals or texags, but I'm not sure if one tab could redirect another one. Still in chrome.

Got hit again with this,



redirected to one of the two below
http://eaypyybe.win/us5462/index.php?clickid=15432135552923770548240274477161262&zone=1806371-3979200730-0

: http://gbn5628.space/ln/_6bW.y3yWz_xVNFriHgVFYDsE9n.cdCAQnRmm5YP9y_K9_6Z8v5CMXga7jORqsLbtrjUSX8VgA3C_HKhqFYjErYTAfCQC2W8E9eY5N0G2Q.XaweaCoQnPeS08.I4xc8ruxaUgZq.D5cqEzSNL9_lOyyhRGcsg3jb0EjGeNBbrWOPrWads85FSw8ha7D77lxUBem_hVOjIP1dqTG9Kbc.tsBI3pc7fJzyHeRKEX0rk8luhvwcUr32yRza38NS7VwbNXXZUQR8fHr5RZi0mL.hL3VHPz4Q.PDaxEIQVka9iIf4fIJoylnVhRrE09SAtW1EXsonxTAku1_U4sTA7flTZlR_dYI.SZv6OJYhcWaGER10ZKLeZ9Wl6gYgsn00xbon

Only tabs open were texags, slick deals, and twitter