Cybercriminals are constantly finding new ways to exploit vulnerabilities in popular software and platforms in order to spread malware and steal personal information. One of the latest methods being used is the exploitation of Google Ads to spread malware-riddled versions of popular software.

Among the software products being impersonated include Grammarly, Slack, Dashlane, Audacity, ITorrent, AnyDesk, Libre Office, OBS, Teamviewer, Thunderbird, and more.

The threat actors clone the official websites and distribute trojan versions of the software when users click the download button.

Several security researchers (mdmck10MalwareHunterTeamWill DormannGermán Fernández) have uncovered additional URLs hosting malicious downloads impersonating free and open-source software, confirming that luring users through sponsored results on Google search is a more common approach for cybercriminals.

Buy Me a Coffee

Germán Fernández of cybersecurity company CronUp provides a list of 70 domains that are distributing malware through Google Ads search results by impersonating legitimate software.

Source: Bleepingcomputer

Once the malware-riddled software is downloaded and installed, it can steal personal information, such as login credentials and banking information, and even take control of the infected computer.

Checking the URL of a download source is always good advice. Coupled with the use of an ad-blocker, the level of protection against this type of threat should decrease drastically.

Ad-blockers are available as extensions in most web browsers and, as their name says, they stop advertisements from being loaded and displayed on a web page, including search results.

READ
T-Mobile Thwarts Cyberattack Amid Reports of Chinese-Linked Espionage Campaign