Tuesday, January 31, 2023

Google ads increasingly pointing to malware - Help Net Security

Last updated Wednesday, January 18, 2023 08:05 ET , Source: NewsService

The FBI has recently warned the public about search engine ads pushing malware diguised as legitimate software – an old tactic that has lately resulted in too many malicious ads served to users searching for software, cracked software, drivers – anything that can be downloaded, really – via Google and Bing.

The recent explosion of search engine malvertising

Malware peddlers employ a variety of methods to deliver their wares to unsuspecting users:

  • Malicious links or attachments served via email and messages, or posts on social media, online forums and IM groups
  • Malicious ads served by popular search engines

The latter tactic is particularly good at hitting a wide pool of potential targets, since most internet users also use search engines.

Lately, though, they have been overdoing it – or perhaps it’s just that more people have begun noticing it and talking about it online?

Many documented campaigns

HP threat researcher Patrick Schläpfer says that they have seen “a significant increase in malware distributed through malvertising, with multiple threat actors currently using this technique.”

Some of these campaigns have been going on since late last year, and mostly target users searching to download popular software (e.g., Audacity, Blender 3D, GIMP, Notepad++, Microsoft Teams, Discord, Microsoft OneNote, 7zip, OBS, etc.).

The malicious ads often manage to be the first link users see when searching for software on Google, and point to a (usually typosquatting) domain that...

Read Full Story: https://news.google.com/__i/rss/rd/articles/CBMiV2h0dHBzOi8vd3d3LmhlbHBuZXRzZWN1cml0eS5jb20vMjAyMy8wMS8xOC9nb29nbGUtYWRzLWluY3JlYXNpbmdseS1wb2ludGluZy10by1tYWx3YXJlL9IBAA?oc=5

Your content is great. However, if any of the content contained herein violates any rights of yours, including those of copyright, please contact us immediately by e-mail at media[@]kissrpr.com.