Cybercriminals Exploit Google Ads and Phishing Websites to Spread Malware

Attackers are abusing Google Ads to spread malware by impersonating popular software websites. The malicious sites are promoted through Google Ad campaigns, and victims who click an advertisement land on a cloned copy of the original website. When users click the download button there, they receive trojanized versions of the software containing Raccoon Stealer, Vidar Stealer and IcedID malware loaders. To evade detection, the payload is downloaded from trusted file-sharing and code-hosting services such as GitHub, Dropbox, and Discord’s CDN. The campaigns have impersonated Grammarly, MSI Afterburner, Slack, Dashlane, Malwarebytes, OBS, Ring, AnyDesk, LibreOffice, TeamViewer, Thunderbird, and Brave.
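A triage heuristic for the chain described above, added here as an illustration and not taken from the original report: it flags an installer named after one of the listed products when it is fetched from one of the named hosting services shortly after the same user landed on a page through an ad click. The log format, the use of the Google Ads `gclid` click parameter as the ad indicator, the 10-minute window and the `ALLOW` placeholder are assumptions.

```python
import re
from datetime import datetime, timedelta
from urllib.parse import urlsplit, parse_qs

# Software names the article lists as impersonated (lowercased).
BRANDS = ("grammarly", "afterburner", "slack", "dashlane", "malwarebytes", "obs",
          "ring", "anydesk", "libreoffice", "teamviewer", "thunderbird", "brave")
# Domains of the services the article names as payload hosts.
SHARING = ("github.com", "githubusercontent.com", "dropbox.com",
           "dropboxusercontent.com", "cdn.discordapp.com")
INSTALLER = re.compile(r"\.(exe|msi|zip|iso)$", re.I)
WINDOW = timedelta(minutes=10)           # assumed ad-click-to-download gap
ALLOW = ("github.com/example-vendor/",)  # placeholder: known-good release paths

def on_sharing_host(host):
    return any(host == s or host.endswith("." + s) for s in SHARING)

def brand_in(name):
    name = name.lower()
    tokens = re.split(r"[^a-z0-9]+", name)
    # Short names ("obs", "ring") must be a whole token; longer ones may be substrings.
    return next((b for b in BRANDS
                 if b in tokens or (len(b) > 4 and b in name)), None)

def triage(lines):
    """Return (user, brand, url) for branded installer downloads that follow an ad click."""
    last_ad, hits = {}, []
    for line in lines:
        ts, user, url = line.split()
        when, u = datetime.fromisoformat(ts), urlsplit(url)
        host = (u.hostname or "").lower()
        if "gclid" in parse_qs(u.query):   # landing page reached through a Google ad
            last_ad[user] = when
            continue
        brand = brand_in(u.path.rsplit("/", 1)[-1])
        if (brand and INSTALLER.search(u.path) and on_sharing_host(host)
                and not (host + u.path).startswith(ALLOW)
                and user in last_ad and when - last_ad[user] <= WINDOW):
            hits.append((user, brand, url))
    return hits

# Constructed proxy log: timestamp, user, URL (every host and path is made up).
SAMPLE = """\
2023-01-05T09:00:00 alice https://anydesk-download.example/?gclid=abc123
2023-01-05T09:00:40 alice https://cdn.discordapp.com/attachments/1/2/AnyDesk_Setup.zip
2023-01-05T11:00:00 carol https://news.example/?gclid=zzz
2023-01-05T11:30:00 carol https://dl.dropboxusercontent.com/s/x/SlackSetup.exe
2023-01-05T12:00:00 dave https://shop.example/?gclid=q1
2023-01-05T12:01:00 dave https://dl.dropboxusercontent.com/s/y/string-utils.zip
""".splitlines()
```

Some vendors publish their genuine installers on these same services, so `ALLOW` should list the exact release paths your organization trusts before the output is used for alerting.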

Paul Bergman