Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
20 résultats taggé malvertising  ✕
The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads | Malwarebytes https://www.malwarebytes.com/blog/news/2025/01/the-great-google-ads-heist-criminals-ransack-advertiser-accounts-via-fake-google-ads
19/01/2025 10:44:55
QRCode
archive.org
thumbnail

Online criminals are targeting individuals and businesses that advertise via Google Ads by phishing them for their credentials — ironically — via fraudulent Google ads.

The scheme consists of stealing as many advertiser accounts as possible by impersonating Google Ads and redirecting victims to fake login pages. We believe their goal is to resell those accounts on blackhat forums, while also keeping some to themselves to perpetuate these campaigns.

This is the most egregious malvertising operation we have ever tracked, getting to the core of Google’s business and likely affecting thousands of their customers worldwide. We have been reporting new incidents around the clock and yet keep identifying new ones, even at the time of publication.

malwarebytes EN 2025 GoogleAds malvertising phishing
Malicious ads push Lumma infostealer via fake CAPTCHA pages https://www.bleepingcomputer.com/news/security/malicious-ads-push-lumma-infostealer-via-fake-captcha-pages/
22/12/2024 20:47:10
QRCode
archive.org
thumbnail

A large-scale malvertising campaign distributed the Lumma Stealer info-stealing malware through fake CAPTCHA verification pages that prompt users to run PowerShell commands to verify they are not a bot.

bleepingcomputer EN 2024 Captcha ClickFix Information-Stealer Lumma Malvertising Malware PowerShell Security InfoSec Computer-Security
Malicious Ads in Search Results Are Driving New Generations of Scams | WIRED https://www.wired.com/story/malicious-ads-in-search-results-are-driving-new-generations-of-scams/
05/12/2024 09:02:29
QRCode
archive.org
thumbnail

The scourge of “malvertising” is nothing new, but the tactic is still so effective that it's contributing to the rise of investment scams and the spread of new strains of malware.

wired EN 2024 Malicious Ads malvertising malware
Lowe's employees phished via Google ads | Malwarebytes https://www.malwarebytes.com/blog/news/2024/09/lowes-employees-phished-via-google-ads
06/09/2024 11:29:16
QRCode
archive.org
thumbnail

Criminals are impersonating MyLowesLife, Lowes' HR portal for current and former employees.

malwarebytes EN 2024 Lowe MyLowesLife malvertising GoogleAds
Fake Google Authenticator Website Installs Malware https://any.run/cybersecurity-blog/fake-google-authenticator-campaign/
02/09/2024 11:46:48
QRCode
archive.org
thumbnail

See how adversaries are impersonating Google Authenticator in Google Ads to deliver the DeerStealer information-stealing malware. 

any.run EN 2024 Google Authenticator GoogleAds fake malvertising
Finding Malware: Unveiling NUMOZYLOD with Google Security Operations https://www.googlecloudcommunity.com/gc/Community-Blog/Finding-Malware-Unveiling-NUMOZYLOD-with-Google-Security/ba-p/789551
24/08/2024 12:24:14
QRCode
archive.org

Welcome to the Finding Malware Series The "Finding Malware," blog series is authored to empower the Google Security Operations community to

googlecloudcommunity EN 2024 NUMOZYLOD analysis malvertising
Social Media Malvertising Campaign Promotes Fake AI Editor Website for Credential Theft https://www.trendmicro.com/en_us/research/24/h/malvertising-campaign-fake-ai-editor-website-credential-theft.html
03/08/2024 02:04:24
QRCode
archive.org
thumbnail

We uncovered a malvertising campaign where the threat actor hijacks social media pages, renames them to mimic popular AI photo editors, then posts malicious links to fake websites.

trendmicro EN 2024 malware cyber-crime research phishing malvertising social media fake mimic campaign
Google ads push fake Google Authenticator site installing malware https://www.bleepingcomputer.com/news/security/google-ads-push-fake-google-authenticator-site-installing-malware/
31/07/2024 19:49:22
QRCode
archive.org
thumbnail

Google has fallen victim to its own ad platform, allowing threat actors to create fake Google Authenticator ads that push the DeerStealer information-stealing malware.

bleepingcomputer EN 2024 Malvertising Security Authenticator Info Stealer Malware Google
Malvertising Campaign Leads to Execution of Oyster Backdoor https://www.rapid7.com/blog/post/2024/06/17/malvertising-campaign-leads-to-execution-of-oyster-backdoor/
25/06/2024 00:00:43
QRCode
archive.org
thumbnail

Rapid7 observed a recent malvertising campaign luring users to download malicious installers for popular software like Google Chrome and Microsoft Teams.

rapid7 EN 2024 Malvertising Oyster Backdoor
Ongoing Malvertising Campaign leads to Ransomware https://www.rapid7.com/blog/post/2024/05/13/ongoing-malvertising-campaign-leads-to-ransomware/
14/05/2024 10:18:38
QRCode
archive.org
thumbnail

Rapid7 has observed an ongoing campaign to distribute trojanized installers for WinSCP and PuTTY via malicious ads on commonly used search engines, where clicking on the ad leads to typo squatted domains.

rapid7 EN 2024 Malvertising Campaign Ransomware WinSCP PuTTY
New Backdoor, MadMxShell https://www.zscaler.com/blogs/security-research/malvertising-campaign-targeting-it-teams-madmxshell
18/04/2024 22:06:32
QRCode
archive.org
thumbnail

Beginning in March of 2024, Zscaler ThreatLabz observed a threat actor weaponizing a cluster of domains masquerading as legitimate IP scanner software sites to distribute a previously unseen backdoor. The threat actor registered multiple look-alike domains using a typosquatting technique and leveraged GoogleAds to push these domains to the top of search engine results targeting specific search keywords, thereby luring victims to visit these sites.

The newly discovered backdoor uses several techniques such as multiple stages of DLL sideloading, abusing the DNS protocol for communicating with the command-and-control (C2) server, and evading memory forensics security solutions. We named this backdoor “MadMxShell” for its use of DNS MX queries for C2 communication and its very short interval between C2 requests.

zscaler EN 2024 typosquatting MadMxShell GoogleAds DNS Malvertising Advance-ip-scanner
Crypto drainer steals $59 million from 63k people in Twitter ad push https://www.bleepingcomputer.com/news/security/crypto-drainer-steals-59-million-from-63k-people-in-twitter-ad-push/
23/12/2023 12:45:39
QRCode
archive.org
thumbnail

Google and Twitter ads are promoting sites containing a cryptocurrency drainer named 'MS Drainer' that has already stolen $59 million from 63,210 victims over the past nine months.

bleepingcomputer EN 2023 CryptoCurrency Drainer Financial-Theft Google-Ads Malvertising MS-Drainer Phishing Twitter
The forgotten malvertising campaign https://www.malwarebytes.com/blog/threat-intelligence/2023/10/the-forgotten-malvertising-campaign
17/10/2023 23:05:39
QRCode
archive.org
thumbnail

In recent weeks, we have noted an increase in malvertising campaigns via Google searches. Several of the threat actors we are tracking have improved their techniques to evade detection throughout the delivery chain.

We believe this evolution will have a real world impact among corporate users getting compromised via malicious ads eventually leading to the deployment of malware and ransomware.

In this blog post, we look at a malvertising campaign that seems to have flown under the radar entirely for at least several months. It is unique in its way to fingerprint users and distribute time sensitive payloads.

malwarebytes EN 2023 Notepad++ GoogleAds malvertising
PSA: Ongoing Webex malvertising campaign drops BatLoader https://www.malwarebytes.com/blog/threat-intelligence/2023/09/ongoing-webex-malvertising-drops-batloader
13/09/2023 22:03:09
QRCode
archive.org
thumbnail

A new malvertising campaign is targeting corporate users who are downloading the popular web conferencing software Webex. Threat actors have bought an advert that impersonates Cisco's brand and is displayed first when performing a Google search.

malwarebytes EN 2023 Webex malvertising campaign BatLoader
Into the tank with Nitrogen https://news.sophos.com/en-us/2023/07/26/into-the-tank-with-nitrogen/
31/07/2023 15:09:05
QRCode
archive.org
thumbnail

The element originally known as “foul air” stinks up computers as a new initial-access campaign exhibiting some uncommon techniques

sophos analysis EN 2023 Nitrogen Malvertising initial-access
BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising https://thehackernews.com/2023/07/blackcat-operators-distributing.html
05/07/2023 09:30:26
QRCode
archive.org
thumbnail

Threat actors associated with the BlackCat ransomware have been observed employing malvertising tricks to distribute rogue installers of the WinSCP file transfer application.

thehackernews EN 2023 BlackCat Ransomware Disguised WinSCP Malvertising
New OpcJacker Malware Distributed via Fake VPN Malvertising https://www.trendmicro.com/en_us/research/23/c/new-opcjacker-malware-distributed-via-fake-vpn-malvertising.html
29/03/2023 21:26:28
QRCode
archive.org
thumbnail

We discovered a new malware, which we named “OpcJacker” (due to its opcode configuration design and its cryptocurrency hijacking ability), that has been distributed in the wild since the second half of 2022.

trendmicro EN 2023 malware endpoints research articles news reports OpcJacker VPN Malvertising
.NET Virtualization Thrives in Malvertising Attacks https://www.sentinelone.com/labs/malvirt-net-virtualization-thrives-in-malvertising-attacks/
02/02/2023 21:21:11
QRCode
archive.org
thumbnail

.NET malware loaders distributed through malvertising are using obfuscated virtualization for anti-analysis and evasion in an ongoing campaign.

sentinelone EN 2023 Malvertising googleads
Shlayer Malware: Continued Use of Flash Updates https://www.crowdstrike.com/blog/shlayer-malvertising-campaigns-still-using-flash-update-disguise/
28/12/2022 02:49:09
QRCode
archive.org
thumbnail

Although Flash Player reached end of life for macOS in 2020, this has not stopped Shlayer operators from continuing to abuse it for malvertising campaigns.

crowdstrike EN 2021 Flash Player macOS Shlayer malvertising analysis IoCs
Google ads lead to major malvertising campaign https://blog.malwarebytes.com/threat-intelligence/2022/07/google-ads-lead-to-major-malvertising-campaign/
20/07/2022 22:38:50
QRCode
archive.org
thumbnail

Scammers go mainstream by hijacking top Google searches and replacing them with malicious ads.

malwarebytes EN 2022 ads Google abuse malvertising scammers
4252 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio