Threat actors abuse Google Ads to distribute info-stealing malware: Report

The malware being distributed using Google Ads can collect passwords, cookies, and browsing data from a range of web browsers and applications

Published - November 10, 2023 04:28 pm IST

A threat actor was found abusing Google Ads to distribute a trojanised version of the CPU-Z tool to deliver the Redline info-stealing malware.

Threat actors were found using Google Ads to redirect users to a cloned copy of the legitimate Windows news site Windows Report.

Clicking on the ad takes the victim through a redirect step that tricks Google’s anti-abuse crawlers by sending invalid visitors to an innocuous site, a report from Bleeping Computer said.

Those deemed valid to receive the payload are redirected to a lookalike of the Windows news site, hosted on a number of different domains. Users are then presented with a “Download now” button that results in them installing a malicious script that loads the malware on devices.

This malware is a powerful stealer able to collect passwords, cookies, and browsing data from a range of web browsers and applications, as well as sensitive data from cryptocurrency wallets.

Users are advised to be careful when clicking on promoted results in Google Search, and to check that the loaded site and the domain match before downloading any files. Users can also use ad blockers to automatically hide such promoted results from their search results.
