Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
page 1 / 2
21 résultats taggé GoogleAds  ✕
The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads https://www.malwarebytes.com/blog/news/2025/01/the-great-google-ads-heist-criminals-ransack-advertiser-accounts-via-fake-google-ads
19/01/2025 10:44:55
QRCode
archive.org
thumbnail

Online criminals are targeting individuals and businesses that advertise via Google Ads by phishing them for their credentials — ironically — via fraudulent Google ads.

The scheme consists of stealing as many advertiser accounts as possible by impersonating Google Ads and redirecting victims to fake login pages. We believe their goal is to resell those accounts on blackhat forums, while also keeping some to themselves to perpetuate these campaigns.

This is the most egregious malvertising operation we have ever tracked, getting to the core of Google’s business and likely affecting thousands of their customers worldwide. We have been reporting new incidents around the clock and yet keep identifying new ones, even at the time of publication.

malwarebytes EN 2025 GoogleAds malvertising phishing
Lowe's employees phished via Google ads | Malwarebytes https://www.malwarebytes.com/blog/news/2024/09/lowes-employees-phished-via-google-ads
06/09/2024 11:29:16
QRCode
archive.org
thumbnail

Criminals are impersonating MyLowesLife, Lowes' HR portal for current and former employees.

malwarebytes EN 2024 Lowe MyLowesLife malvertising GoogleAds
Fake Google Authenticator Website Installs Malware https://any.run/cybersecurity-blog/fake-google-authenticator-campaign/
02/09/2024 11:46:48
QRCode
archive.org
thumbnail

See how adversaries are impersonating Google Authenticator in Google Ads to deliver the DeerStealer information-stealing malware. 

any.run EN 2024 Google Authenticator GoogleAds fake malvertising
Watch out for tech support scams lurking in sponsored search results https://www.malwarebytes.com/blog/news/2024/05/watch-out-for-tech-support-scams-lurking-in-sponsored-search-results
03/05/2024 11:21:44
QRCode
archive.org
thumbnail

Our researchers found fake sponsored search results that lead consumers to a typical fake Microsoft alert site set up by tech support scammers.

malwarebytes EN 2024 scam fake-support Microsoft GoogleAds
New Backdoor, MadMxShell https://www.zscaler.com/blogs/security-research/malvertising-campaign-targeting-it-teams-madmxshell
18/04/2024 22:06:32
QRCode
archive.org
thumbnail

Beginning in March of 2024, Zscaler ThreatLabz observed a threat actor weaponizing a cluster of domains masquerading as legitimate IP scanner software sites to distribute a previously unseen backdoor. The threat actor registered multiple look-alike domains using a typosquatting technique and leveraged GoogleAds to push these domains to the top of search engine results targeting specific search keywords, thereby luring victims to visit these sites.

The newly discovered backdoor uses several techniques such as multiple stages of DLL sideloading, abusing the DNS protocol for communicating with the command-and-control (C2) server, and evading memory forensics security solutions. We named this backdoor “MadMxShell” for its use of DNS MX queries for C2 communication and its very short interval between C2 requests.

zscaler EN 2024 typosquatting MadMxShell GoogleAds DNS Malvertising Advance-ip-scanner
The forgotten malvertising campaign https://www.malwarebytes.com/blog/threat-intelligence/2023/10/the-forgotten-malvertising-campaign
17/10/2023 23:05:39
QRCode
archive.org
thumbnail

In recent weeks, we have noted an increase in malvertising campaigns via Google searches. Several of the threat actors we are tracking have improved their techniques to evade detection throughout the delivery chain.

We believe this evolution will have a real world impact among corporate users getting compromised via malicious ads eventually leading to the deployment of malware and ransomware.

In this blog post, we look at a malvertising campaign that seems to have flown under the radar entirely for at least several months. It is unique in its way to fingerprint users and distribute time sensitive payloads.

malwarebytes EN 2023 Notepad++ GoogleAds malvertising
Sneaky Amazon Google ad leads to Microsoft support scam https://www.bleepingcomputer.com/news/security/sneaky-amazon-google-ad-leads-to-microsoft-support-scam/
21/08/2023 20:19:41
QRCode
archive.org
thumbnail

A legitimate-looking ad for Amazon in Google search results redirects visitors to a Microsoft Defender tech support scam that locks up their browser.

bleepingcomputer EN 2023 GoogleAds technical-support scam
Malvertising Used as Entry Vector for BlackCat Actors Also Leverage SpyBoy Terminator https://www.trendmicro.com/en_us/research/23/f/malvertising-used-as-entry-vector-for-blackcat-actors-also-lever.html
03/07/2023 08:56:21
QRCode
archive.org
thumbnail

We found that malicious actors used malvertising to distribute malware via cloned webpages of legitimate organizations. The distribution involved a webpage of the well-known application WinSCP, an open-source Windows application for file transfer. We were able to identify that this activity led to a BlackCat (aka ALPHV) infection, and actors also used SpyBoy, a terminator that tampers with protection provided by agents.

trendmicro EN 2023 malware endpoints BlackCat WinSCP report SpyBoy GoogleAds
Malvertising via brand impersonation is back again https://www.malwarebytes.com/blog/threat-intelligence/2023/05/malvertising-its-a-jungle-out-there
24/05/2023 21:36:54
QRCode
archive.org
thumbnail

Web search is about to embark on a new journey thanks to artificial intelligence technology that online giants such as Microsoft and Google are experimenting with. Yet, there is a problem when it comes to malicious ads displayed by search engines that AI likely won't be able to fix.

malwarebytes EN 2023 brand impersonation GoogleAds
BatLoader Continues to Abuse Google Search Ads to Deliver… https://www.esentire.com/blog/batloader-continues-to-abuse-google-search-ads-to-deliver-vidar-stealer-and-ursnif
15/03/2023 21:53:30
QRCode
archive.org
thumbnail

Learn more about the BatLoader malware, how we detected the attack, and recommendations from our Threat Response Unit (TRU) to protect your business from…

esentire EN 2023 BatLoader GoogleAds vidar ursnif
Bitwarden password vaults targeted in Google ads phishing attack https://www.bleepingcomputer.com/news/security/bitwarden-password-vaults-targeted-in-google-ads-phishing-attack/
08/02/2023 17:03:24
QRCode
archive.org
thumbnail

Bitwarden and other password managers are being targeted in Google ads phishing campaigns to steal users' password vault credentials.

bleepingcomputer EN 2023 1Password Bitwarden GoogleAds googleads MFA Multi-Factor-Authentication Password-Manager Passwords Phishing
Malware-Traffic-Analysis.net - 2023-02-03 - DEV-0569 activity: Google ad --> FakeBat Loader --> Redline Stealer & Gozi/ISFB/Ursnif https://www.malware-traffic-analysis.net/2023/02/03/index.html
05/02/2023 10:46:32
QRCode
archive.org

NOTES:

Zip files are password-protected. If you don't know the password, see the "about" page of this website.
IOCs are listed on this page below all of the images.

malware-traffic-analysis EN 2023 analysis googleads DEV-0569 CPU-Z IoCs
.NET Virtualization Thrives in Malvertising Attacks https://www.sentinelone.com/labs/malvirt-net-virtualization-thrives-in-malvertising-attacks/
02/02/2023 21:21:11
QRCode
archive.org
thumbnail

.NET malware loaders distributed through malvertising are using obfuscated virtualization for anti-analysis and evasion in an ongoing campaign.

sentinelone EN 2023 Malvertising googleads
Google sponsored ads malvertising targets password manager https://www.malwarebytes.com/blog/threat-intelligence/2023/01/google-sponsored-ads-malvertising-targets-password-manager
01/02/2023 19:36:45
QRCode
archive.org
thumbnail

We have recently written about malvertising campaigns that leverage Google paid advertisements to try and trick people into downloading malware instead of the software they were looking for. This malware then stole login credentials from the affected system.

malwarebytes EN 2023 Google googleads passwordmanagers malware
Breaking Down the SEO Poisoning Attack | How Attackers Are Hijacking Search Results https://www.sentinelone.com/blog/breaking-down-the-seo-poisoning-attack-how-attackers-are-hijacking-search-results/
21/01/2023 22:56:51
QRCode
archive.org
thumbnail

SEO poisoning is gaining momentum as threat actors leverage malicious ads to deliver malware through web browser searches.

sentinelone EN 2023 SEO poisoning Hijacking Search Results googleads malware web malicious
Hackers push malware via Google search ads for VLC, 7-Zip, CCleaner https://www.bleepingcomputer.com/news/security/hackers-push-malware-via-google-search-ads-for-vlc-7-zip-ccleaner/
20/01/2023 12:00:16
QRCode
archive.org
thumbnail

Hackers are setting up fake websites for popular free and open-source software to promote malicious downloads through advertisements in Google search results.

bleepingcomputer EN 2023 googleads Advertisement Google Info-Stealer RedLine Search Vidar
InfoSec Handlers Diary Blog - SANS Internet Storm Center https://isc.sans.edu/diary/29448
18/01/2023 13:37:13
QRCode
archive.org
thumbnail

Malicious Google Ad --> Fake Notepad++ Page --> Aurora Stealer malware

SANS EN 2023 googleads Fake Notepad Aurora Stealer malware
Google Ads Exploited to Spread Malware https://heimdalsecurity.com/blog/google-ads-exploited-to-spread-malware/
18/01/2023 13:34:43
QRCode
archive.org
thumbnail

Google Ads is one of the most popular advertising platform, but it's also a target for cybercriminals. Learn how they are using it to spread malware.

heimdalsecurity EN 2022 googleads abuse Malware Exploited
Google Ads Malware Wipes NFT Influencer's Crypto Wallet https://www.hackread.com/google-ads-malware-nft-crypto-wallet/
18/01/2023 13:33:35
QRCode
archive.org
thumbnail

NFT influencer @NFT_GOD downloaded malware through Google Ads while attempting to download OBS, an open-source video streaming software.

hackread EN 2023 googleads OBS open-source abuse influencer NFT
“MasquerAds” — Google’s Ad-Words Massively Abused by Threat Actors, Targeting Organizations, GPUs and Crypto Wallets https://labs.guard.io/masquerads-googles-ad-words-massively-abused-by-threat-actors-targeting-organizations-gpus-42ae73ee8a1e
18/01/2023 13:31:41
QRCode
archive.org

A newly uncovered technique to abuse Google’s ad-words powerful advertisement platform is spreading rogue promoted search results in mass. Pointing to allegedly credible advertisement sites that are fully controlled by threat actors, those are used to masquerade and redirect ad-clickers to malicious phishing pages gaining the powerful credibility and targeting capabilities of Google’s search results. Adding customized malware payloads, threat actors are raising the bar for successful malware deployments on Personal PCs with ad words like Grammarly, Malwarebytes, and Afterburner as well as with Visual Studio, Zoom, Slack, and even Dashlane to target organizations.

labs.guard.io EN 2022 googleads technique advertisement abuse malware distribution
page 1 / 2
4514 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio