Taiwanese entities in manufacturing, healthcare, and information technology sectors have become the target of a new campaign distributing the SmokeLoader malware.
"SmokeLoader is well-known for its versatility and advanced evasion techniques, and its modular design allows it to perform a wide range of attacks," Fortinet FortiGuard Labs said in a report shared with The Hacker News.
"While

SmokeLoader Malware Resurfaces, Targeting Manufacturing and IT in Taiwan

Hackers stole $1.48 billion from the crypto industry in 2024. A new report highlights trends in blockchain security, including shifts in target networks.

**SUMMARY:**

*   **Crypto losses in November 2024 totalled $71 million, marking a 79% decrease from the same month in 2023.**

*   **DeFi projects accounted for all reported losses, with no major CeFi incidents recorded.**

*   **BNB Chain became the top target for attacks, hosting 46.7% of incidents, surpassing Ethereum.**

*   **99.96% of funds lost in November came from hacking, while rug pulls accounted for less than $26,000.**

*   **Year-to-date losses in 2024 reached $1.48 billion, a 15% reduction compared to 2023.**

*   **The $1.48 billion lost to hacks and scams in 2024 shows risks despite a 15% drop compared to the previous year.**

The cryptocurrency industry saw a surprising decrease in losses last month, according to a new report from Immunefi, a leading blockchain security platform. While decentralized finance (DeFi) projects continued to be a prime target, the overall figures show a promising trend.

The Immunefi report, shared with Hackread.com, reveals that $71 million was lost to hacks and rug pulls in November 2024, a notable 79% drop from the same month last year.

That figure, while still large, is the second-lowest monthly total this year and means a 79% decrease compared to November of last year. Overall, for 2024, the crypto industry has lost $1.48 billion ($1,489,921,677). While this is a considerable number, it is a 15% drop compared to the same period of 2023, suggesting progress in cybersecurity measures.

The YTD (year-to-date) total of $1.48 billion – Source: Immunefi

****DeFi: Still a Magnet for Malicious Activity****

Immunefi’s findings suggest that all $71 million in losses happened in the DeFi sector, with not a single report of a major hack or exploit affecting CeFi (centralized exchanges). Two noteworthy incidents that stand out are Thala Labs, a decentralized finance firm, lost $25.5 million, and the memecoin trading platform DEXX saw a $21 million loss.

****Hacks Continue to Dominate, Minimal Rug Pulls****

It’s not just the type of platform that shows a trend; the type of attack also shows clear patterns. Of all the funds stolen in November, 99.96% came from direct hacking incidents. Only a tiny fraction, $25,300, was lost through what are called “rug pulls,” where developers abandon a project after raising funds. This suggests that while scams do occur, the more sophisticated exploits are the more damaging threat.

Source: Immunefi

****BNB Chain Takes the Spotlight, Ethereum Drops Back****

The report showed a switch in which the blockchain network was targeted most often. In November, the BNB Chain surpassed Ethereum to become the leading target, hosting nearly half (46.7%) of all attacks. Ethereum came second with 30% of attacks. The rest of the incidents were found across several other networks.

****What Does This Mean?****

The Immunefi report shows a mixed situation for crypto security. While overall losses are down for the year, the dominance of DeFi exploits and the shift of attacker focus to BNB Chain means the fight is far from over.

While the overall loss figure is down, the YTD (year-to-date) total of $1.48 billion lost to hacks and scams still shows a considerable sum. Nevertheless, Immunefi’s report shows that the blockchain industry cannot afford to overlook vulnerabilities and scams, making a solid cybersecurity plan essential.

1.  **6 of the Best Crypto Bug Bounty Programs**
2.  **Top 5 Platforms for Identifying Smart Contract Vulnerabilities** 
3.  **Crypto Industry Lost $685M in Q3 2023, 30% by Lazarus Group**
4.  **Hackers Posed as Google Support to Steal $243 Million in Crypto**
5.  **From Amazon to Target: Hackers Mimic Top Brands in Crypto Scam  
    **

Hackers Drain $1.48 Billion from Crypto in 2024, Led by DeFi Exploits

Microsoft is readying a new release of Windows in 2025 that will have significant security controls, such as more resilient drivers and a "self-defending" operating system kernel.

Source: mundissima via Shutterstock

Microsoft is making sweeping changes to its Windows operating system (OS) in the wake of this past summer's flawed CrowdStrike update, which caused millions of commercial devices to crash and cost customers billions of dollars in downtime.

The incident was a major impetus for the new Windows Resiliency Initiative, introduced and outlined during a session at last week's Microsoft Ignite conference. Microsoft officials said the changes are being made based on what they learned from the July 19 event, resulting in what they promised to be a more reliable and secure OS in 2025.

David Weston, Microsoft's vice president of enterprise and OS security, identified three objectives intended to make Windows more secure: faster and simpler recovery times, more resilient drivers, and tools and changes to how the OS kernel is secured to make it "more effective and self-defending."

The changes will also affect software developers and third-party security tool providers.

"We're working together across the industry and will improve reliability, based on lessons from July, with new changes and standards in the OS," said Pavan Davuluri, corporate VP for Windows and devices at Microsoft.

The new Windows release is being designed to resist malware and script attacks with stronger controls for applications and drivers, while improved identity protection aims to prevent phishing attacks. Microsoft is also establishing a new approach to privilege access management, Davuluri said.

Microsoft will release a preview of the new release to Windows Insiders next July. It will include tighter controls over what applications and software drivers are permitted to run, stronger identity management, quick machine recovery, personal data encryption for folders, and improved OS management and configuration capabilities.

The release is poised to arrive just as Microsoft ends support for Windows 10 on Oct. 14, 2025. Although Microsoft has been encouraging customers to upgrade to Windows 11, which was released in 2021, on an ongoing basis, nearly 61% of all PCs worldwide still have Windows 10, according to Statcounter.

**Enabling Security Partners to Build Outside the Kernel**

Further, tied to its long-term Secure Future Initiative announced a year ago, Microsoft is moving to safer programming languages by incrementally shifting from C++ to Rust. A new Windows Resilient Security Platform will enable third-party security product developers to build their products outside of the kernel, Weston explained.

"We're ensuring this platform will enable security solution providers to have the access they need to detect and respond to threats without introducing complexity into the kernel," he said. "This change will help end-user protection and antivirus products provide a high level of security and easier recovery."

While the moves should make Windows more resilient to attacks, Forrester senior analyst Paddy Harrington would like to see Microsoft tighten access even further.

"I would much prefer it if Microsoft bit the bullet and put the walls back up. That would mean recoding for everyone who messes in the kernel driver world, including Microsoft, but it's a safer method of operation," says Harrington, who first opined on that point in a July blog post.

**Post-Incident Security Summit in Redmond**

Two months after the CrowdStrike incident, Microsoft hosted its Windows Endpoint Security Ecosystem Summit, in Redmond, Wash., with security vendors and representatives of the US Cybersecurity and Infrastructure Security Agency (CISA) on hand to discuss how to make the OS more resilient.

Leading into the meeting, Weston indicated that an examination of Windows crash reports signaled the need to change how kernel drivers are deployed.

"Since kernel drivers run at the most trusted level of Windows, where containment and recovery capabilities are, by nature, constrained, security vendors must carefully balance needs like visibility and tamper resistance with the risk of operating within kernel mode," Weston wrote in a July 27 post.

Following the summit, CISA last month published its Safe Software Deployment white paper, co-authored by the FBI, the Australian Signals Directorate's Australian Cyber Security Centre, and the Joint Cyber Defense Collaborative.

Omdia principal analyst Andrew Braunberg says that Microsoft is one of numerous vendors that have issued statements of support for CISA's Secure by Design pledge. However, it remains to be seen if it will follow through.

"It will be interesting to see if there is any change in behavior from Microsoft and other large software companies because of \[Donald\] Trump's win \[of the U.S. presidential election\]," Braunberg says. "These companies may reassess the external benefits of this support given a reduced, or eliminated, CISA under the new administration. There are international drivers for embracing Secure by Design principles, such as the EU Cyber Resiliency Act, but CISA has been the primary advocate in the US."

Nevertheless, Weston described CISA as playing an essential role in determining Microsoft's revamped security and resiliency standards for Windows endpoints.

"They are providing a framework for the whole IT industry to ensure that all partners, customers, and organizations are able to stay ahead of evolving security threats," he said.

Among the vendors at Microsoft's summit was CrowdStrike, which signaled it is endorsing Microsoft's Windows Resiliency Initiative.

"Microsoft's initiatives build on the discussions CrowdStrike participated in at the Windows Endpoint Security Summit in September, and we welcome innovations that enhance resiliency for our shared customers," a CrowdStrike spokesperson said. "The entire industry benefits when we collaborate to create a more resilient and open ecosystem that strengthens security for all."

Endpoint protection provider ESET is offering conditional support for Microsoft's initiative.

"In general, we support this evolution if it demonstrates measurable improvements to stability and strongly stress this must be on condition that any change must not weaken security, affect performance, or limit the choice and differentiation between cybersecurity solutions for customers," says ESET CTO Juraj Malcho.

**Shifting to Trusted Apps and Drivers**

Because many attacks result from users who download malicious or unsafe apps and drivers, Microsoft is adding Smart App Control and App Control for Business to Windows. These features use artificial intelligence to let administrators employ policies that require verified applications, according to Weston. He noted that Microsoft already offers this through App Locker, but it is complicated to manage.

A feature called "robust app control" will ensure that only verified apps can run, eliminating attacks from malicious attachments and socially engineered malware, he added.

**Thwarting Identity-Based Attacks and Overprivileged Accounts**

According to Microsoft's Entra ID data, more than 600 million identity attacks occur every day, 99% of which are password-based. In response, Microsoft has hardened its Windows Hello multifactor authentication capability, which uses biometrics. Microsoft has extended Windows Hello support for passkeys.

As part of its latest Windows Insider build, last week Microsoft released a preview of updates to its implementation of the WebAuthn APIs that will enable plug-in support for passkeys. In the coming months, Microsoft said third-party password managers will work with the native Windows passkey provider using Windows Hello. 

The new Windows release will also aim to reduce attacks resulting from users who have too many privileges and organizations that have insufficient privilege controls, which, according to Microsoft's Digital Defense report, are the cause of 93% of ransomware attacks.

A new feature called "administrator protection" will give employees standard user permissions by default "so they can still make Windows system changes, including app installation, but only when necessary and only after authorizing the change using Windows Hello," Weston said. "Admin protection will be incredibly disruptive to attackers, as they no longer have elevated privileges by default, and it will help ensure that employees do not use malware and remain in control of Windows."

According to Forrester's Harrington, the new app control approach should help organizations lock down their endpoints.

"I think there will be plenty of businesses who still go to third parties because of the flexibility those solutions bring," he says. "But this is a good move by Microsoft to breathe life back into the app control solution. For all those functions, I would have liked to see these moves earlier in the Windows 11 releases, but with Windows 10 going end-of-service next year, the timing works to give more enterprises reasons to move to Windows 11."

**About the Author**

Contributing Writer

Jeffrey Schwartz is a journalist who has covered information security and all forms of business and enterprise IT, including client computing, data center and cloud infrastructure, and application development for more than 30 years. Jeff is a regular contributor to Channel Futures. Previously, he was editor-in-chief of Redmond magazine and contributed to its sister titles Redmond Channel Partner, Application Development Trends, and Virtualization Review. Earlier, he held editorial roles with CommunicationsWeek, InternetWeek, and VARBusiness. Jeff is based in the New York City suburb of Long Island.

Microsoft Boosts Device Security With Windows Resiliency Initiative

The scourge of “malvertising” is nothing new, but the tactic is still so effective that it's contributing to the rise of investment scams and the spread of new strains of malware.

Malicious digital advertisements and “SEO poisoning” that gets those ads to prime spots in search results have been mainstays of the digital scamming ecosystem for years. But as online crime evolves and malicious trends like “pig butchering” investment scams and infostealing malware proliferate, researchers say that so-called “malvertising” is still a key technique for scammers—and still a growing problem.

Instances of malvertising in the US were up 42 percent month-over-month in fall 2023 and increased another 41 percent from July to September of this year, according to data from the security firm Malwarebytes. The company says that scammers typically cycle through the advertising accounts used for malvertising quickly, and 77 percent of the accounts are only used once. The bulk of the activity, though, traces back to South Asia and Southeast Asia, Malwarebytes says, with 90 percent of the ad fraud coming from Pakistan and Vietnam, according to the researchers' telemetry. But as with many components of the digital crime ecosystem, malvertising is often offered as a service where cybercriminals from around the world can purchase ads that distribute their malware or lead potential victims to a malicious website of their choosing.

Jérôme Segura, senior director of threat intelligence at Malwarebytes, emphasizes that a particularly effective place for potential victims to encounter malicious ads is in search results, where sponsored marketing content gains legitimacy just by showing up on the same page as legitimate search results. Such malicious ads can even end up getting prime placement in the layout of search results.

“Scammers are using the power of internet and advertising technology, which allows really immense targeting of the right victim. They can get the right ad with the right intent in front of them at the right time,” Segura says. “The fact that scammers are continuing to spend money on advertising shows that these scams are working and they’re getting a return on their ad spend.”

Malvertising has been and continues to be used in phishing attacks and credit card scams, as well as for distributing malware like cryptominers and ransomware. But researchers are increasingly seeing it being used to infect victims with infostealers as well. And researchers from the United Nations Office on Drugs and Crime report that malicious ads have been incorporated into pig butchering and other investment scams, and even romance scams.

“Malvertising is a cyberattack technique that injects malicious code within digital ads,” UNODC notes in a recent report on evolving cybercrime tactics. “Difficult to detect by both internet users and publishers, these infected ads are usually distributed to consumers through legitimate advertising networks. Because ads are displayed to all website visitors, virtually every page viewer is at risk of infection.”

Researchers regularly see malicious ads in search results representing themselves as coming from legitimate businesses and organizations. Whether it's a regional municipality, a utility like a power company, or a big business, people will use search engines simply to pull up the URL of an organization. And if the first results or the most convenient results to click on are ads, scammers have the opportunity to buy this real estate.

“The volume of these things is immense,” says Sean Gallagher, the senior threat researcher at Sophos. “Search engines like Google will say they check the content of ads to ensure they’re safe, but the thing is that attackers are using ad delivery networks and can redirect the URL after the ad is paid for.”

Google is clearly aware that malicious ad activity is growing and evolving. The company specifically addresses misleading and fraudulent ad activity in its policies, including a “misrepresentation policy,” and says that it takes numerous approaches to vetting ads and detecting malvertising. Attackers have continued to develop circumvention methods, though, to avoid having their ads flagged or removed. In 2023, Google blocked or removed about 5.5 billion ads and suspended more than 12.7 million advertiser accounts.

The company has also taken steps over the years to label ads clearly and delineate them in the search results layout. Still, any search engine that’s supported by ads ultimately has the two types of content side by side, especially on mobile, where users have limited screen space.

“We expressly prohibit ads that attempt to circumvent our enforcement by disguising the advertiser’s identity to deceive users and distribute malware," Google spokesperson Nate Funkhouser told WIRED in a statement. “When we identify an ad that violates this policy, we remove it and suspend the associated advertiser account as quickly as possible.”

Sophos' Gallagher points out that criminals can often get the most for their money when buying ads for more unique searches, where they can dominate the ad space and get to the top of the results more organically. But both Sophos and Malwarebytes researchers also regularly see malicious ads running against frequent searches like those for Google, Walmart, Disney+, Slack, Lowe’s, and Apple. Segura even says that Malwarebytes itself has to invest heavily in buying search engine ads just to keep malvertising at bay for the company's brand.

“We have to defend our brand so much,” he says. “People take advantage of that.”

Malicious Ads in Search Results Are Driving New Generations of Scams

Artificial Intelligence (AI) is no longer a far-off dream—it’s here, changing the way we live. From ordering coffee to diagnosing diseases, it’s everywhere. But while you’re creating the next big AI-powered app, hackers are already figuring out ways to break it.
Every AI app is an opportunity—and a potential risk. The stakes are huge: data leaks, downtime, and even safety threats if security

A Guide to Securing AI App Development: Join This Cybersecurity Webinar

Ever wonder what happens in the digital world every time you blink? Here's something wild - hackers launch about 2,200 attacks every single day, which means someone's trying to break into a system somewhere every 39 seconds.
And get this - while we're all worried about regular hackers, there are now AI systems out there that can craft phishing emails so convincingly, that even cybersecurity

THN Recap: Top Cybersecurity Threats, Tools and Tips (Nov 25 - Dec 1)

Over a dozen malicious Android apps identified on the Google Play Store that have been collectively downloaded over 8 million times contain malware known as SpyLoan, according to new findings from McAfee Labs.
"These PUP (potentially unwanted programs) applications use social engineering tactics to trick users into providing sensitive information and granting extra mobile app permissions, which

8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play

The US indictment against an alleged Phobos ransomware kingpin reveals that no company was too small for the cybercriminal gang to hit.

The US Department of Justice has charged a Russian national named Evgenii Ptitsyn with selling, operating, and distributing a ransomware variant known as “Phobos” during a four-year cybercriminal campaign that extorted at least $16 million from victims across the world.

The government’s indictment against Ptitsyn should dispel any notion that ransomware gangs only target the largest, richest, most robust corporations on the planet, as one Phobos affiliate allegedly extorted a Maryland-based healthcare provider out of just $2,300—possibly the lowest payment ever recorded.

In a November 18 statement, Principal Deputy Assistant Attorney General Nicole M. Argentieri, head of the Justice Department’s Criminal Division, stressed the wanton victim targeting by Ptitsyn’s ransomware network.

> “Ptitsyn and his co-conspirators hacked not only large corporations but also schools, hospitals, nonprofits, and a federally recognized tribe, and they extorted more than $16 million in ransom payments.”

Ransomware is the single most devastating cyberthreat to businesses today. Through a variety of evolving techniques, cybercriminals break into a company’s network and then deploy ransomware to lock down every file, computer, and sensitive piece of data within reach. The files cannot be unlocked without a “decryption key,” which the cybercriminals will only offer for a price.

But for many companies, the price of a ransom demand isn’t the only dilemma they face, as the price of recovery can be even heftier.

According to Malwarebytes’ business unit, ThreatDown, the average cost of a ransomware attack—excluding the ransom itself—is a whopping $4.7 million. That enormous sum represents a company’s downtime during a ransomware attack, any reputational damage it suffers, and the lengthy recovery process of rebuilding databases and reestablishing workplace accounts and permissions.

From what was revealed in the government’s indictment against Ptitsyn, those costs were likely beyond reach for many Phobos victims, which included a marketing and data analytics firm in Arizona, a Connecticut public school system, and an automotive company out of Ohio.

According to an analysis of Phobos ransom demands last year, these smaller targets line up with the gang’s focus. In 2023, ThreatDown discovered that, unlike other ransomware gangs that demanded up to $1 million or more from each victim, Phobos operators demanded an average of $1,719 from victims, with a median demand of just $300.

Smaller demands mean little, however, for the companies hit by the ransomware.

Ptitsyn, who was extradited to the United States out of South Korea, now faces 13 counts, which include wire fraud, conspiracy to commit wire fraud, and conspiracy to commit computer fraud and abuse, along with four counts each of causing intentional damage to protected computers and extortion in relation to hacking. According to the Department of Justice, the charges carry a “maximum penalty of 20 years in prison for each wire fraud count; 10 years in prison for each computer hacking count; and five years in prison for conspiracy to commit computer fraud and abuse.”

**How to protect your small business from ransomware**

As is true with all malware infections, the best defense to a ransomware attack is to never allow an attack to occur in the first place. Take on the following steps to secure your business from this existential threat:

*   **Block common forms of entry.** Patch known vulnerabilities in internet-facing software and disable or harden the login credentials for remote work tools like RDP ports and VPNs.
*   **Prevent intrusions and stop malicious encryption.** Stop threats early before they can infiltrate or infect your endpoints. Use always-on cybersecurity software that can prevent exploits and malware used to deliver ransomware.
*   **Create offsite, offline backups.** Keep backups offsite and offline, beyond the reach of attackers. Test them regularly to make sure you can restore essential business functions swiftly.
*   **Don’t get attacked twice.** Once you’ve isolated an outbreak and stopped a first attack, you must remove every trace of the attackers, their malware, their tools, and their methods of entry, to avoid being attacked again.

 No company too small for Phobos ransomware gang, indictment reveals 

This week on the Lock and Code podcast, we re-air an episode from 2023 about why modern cars want to know about your sex life and a lot more.

_This week on the Lock and Code podcast_…

Two weeks ago, the Lock and Code podcast shared three stories about home products that requested, collected, or exposed sensitive data online.

There were the air fryers that asked users to record audio through their smartphones. There was the smart ring maker that, even with privacy controls put into place, published data about users’ stress levels and heart rates. And there was the smart, AI-assisted vacuum that, through the failings of a group of contractors, allowed an image of a woman on a toilet to be shared on Facebook.

These cautionary tales involved “smart devices,” products like speakers, fridges, washers and dryers, and thermostats that can connect to the internet.

But there’s another smart device that many folks might forget about that can collect deeply personal information—their cars.

Today, the Lock and Code podcast with host David Ruiz revisits a prior episode from 2023 about what types of data modern vehicles can collect, and what the car makers behind those vehicles could do with those streams of information.

In the episode, we spoke with researchers at Mozilla—working under the team name “Privacy Not Included”—who reviewed the privacy and data collection policies of many of today’s automakers.

To put it shortly, the researchers concluded that cars are a privacy nightmare. 

According to the team’s research, Nissan said it can collect “sexual activity” information about consumers. Kia said it can collect information about a consumer’s “sex life.” Subaru _passengers_ allegedly consented to the collection of their data by simply being in the vehicle_._ Volkswagen said it collects data like a person’s age and gender and whether they’re using your seatbelt, and it could use that information for targeted marketing purposes. 

And those are just the highlights. Explained Zoë MacDonald, content creator for Privacy Not Included: 

> “We were pretty surprised by the data points that the car companies say they can collect… including social security number, information about your religion, your marital status, genetic information, disability status… immigration status, race.”

In our full conversation from last year, we spoke with Privacy Not Included’s MacDonald and Jen Caltrider about the data that cars can collect, how that data can be shared, how it can be used, and whether consumers have any choice in the matter.

Tune in today to listen to the full conversation.

_Show notes and credits:_

Intro Music: “Spellbound” by Kevin MacLeod (incompetech.com)  
Licensed under Creative Commons: By Attribution 4.0 License  
http://creativecommons.org/licenses/by/4.0/  
Outro Music: “Good God” by Wowa (unminus.com)

**Listen up—Malwarebytes doesn’t just talk cybersecurity, we provide it.**

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being with our exclusive offer for Malwarebytes Premium for Lock and Code listeners.

 These cars want to know about your sex life (re-air) (Lock and Code S05E25) 

Brands have been at the mercy of the algorithm when it comes to where their ads appear online, but they’re about to get more control.

Digital advertising is a whopping $700 billion (£530 billion) industry that remains largely unregulated, with few laws in place to protect brands and consumers. Companies and brands advertising products often don’t know which websites display their ads. I run Check My Ads, an ad tech watchdog, and we constantly deal with situations where advertisers and citizens have been the victims of lies, scams, and manipulations. We have removed ads from websites with serious disinformation about Covid-19, false election content, and even AI-generated obituaries.

Currently, if a brand wants to advertise a product, Google facilitates the ad placement based on desired ad reach and metrics. It may technically follow through on the agreement by delivering views and clicks, but does not provide transparent data about how and where the ad views came from. It is possible that the ad was shown on unsavory websites diametrically opposed to the brand’s values. For example, in 2024, Google was found to be profiting by placing product ads on websites that promoted hardcore pornography, disinformation, and even hate speech, against the brands’ wishes.

In 2025, however, this scandal will end, as we start to enact the first regulations targeting the digital advertising industry. Around the world, lawmakers in Brussels, Ottawa, Washington, and London are already in the early stages of developing regulation that will ensure brands have access to the legal support to ask questions, check ad data, and receive automatic refunds when they find that their digital campaigns have been subject to fraud or safety violations.

In Canada, for example, Parliament is deliberating the enactment of the Online Harms Act, a law to incentivize the removal of sexual content involving minors. The idea behind this law is that if the content is illegal, then making money off it should be illegal, too.

In California and New York, advocates are also proposing legislation that will aim to implement a know-your-customer law to track the global financial trade of advertising. This is significant because these two states power the global ad tech industry. New York has more ad tech companies than any other city in the world. Transparency laws enacted in California, on the other hand, would affect Google’s international advertising business—by far the biggest ad tech company in the world.

Beyond brand and consumer issues, the unregulated nature of the digital advertising landscape is a direct threat to democracy. In the US, for instance, presidential campaign spending remains effectively unregulated. It is estimated that the presidential campaigns will spend up to $2 billion (£1.5 billion) on digital advertising in 2024. With current laws, we will likely have no external data about their refunds or rates.

In 2025, the legislative pressure is on for big tech companies to regulate ad technology.

Latest News