Cybercriminals are constantly finding new ways to exploit vulnerabilities in popular software and platforms in order to spread malware and steal personal information. One of the latest methods being used is the exploitation of Google Ads to spread malware-riddled versions of popular software.
Among the software products being impersonated include Grammarly, Slack, Dashlane, Audacity, ITorrent, AnyDesk, Libre Office, OBS, Teamviewer, Thunderbird, and more.
The threat actors clone the official websites and distribute trojan versions of the software when users click the download button.
Several security researchers (mdmck10, MalwareHunterTeam, Will Dormann, Germán Fernández) have uncovered additional URLs hosting malicious downloads impersonating free and open-source software, confirming that luring users through sponsored results on Google search is a more common approach for cybercriminals.
Germán Fernández of cybersecurity company CronUp provides a list of 70 domains that are distributing malware through Google Ads search results by impersonating legitimate software.
Once the malware-riddled software is downloaded and installed, it can steal personal information, such as login credentials and banking information, and even take control of the infected computer.
Checking the URL of a download source is always good advice. Coupled with the use of an ad-blocker, the level of protection against this type of threat should decrease drastically.
Ad-blockers are available as extensions in most web browsers and, as their name says, they stop advertisements from being loaded and displayed on a web page, including search results.
Bijay Pokharel
Related posts
Recent Posts
Subscribe
Cybersecurity Newsletter
You have Successfully Subscribed!
Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox. You are also consenting to our Privacy Policy and Terms of Use.