These are, no doubt, working tips, but they may not work when you’re in a rush or not paying attention. check the URL before clicking on an ad, and better yet - skip Google and type the site’s URL directly into the browser. The FBI suggests that users should be more careful about what they download, i.e. The FBI, which has also noticed an increase in malware attacks using search ads, recently shared some tips on how to avoid becoming a victim. Since the use of antivirus software on its own is not enough to protect you from these attacks, we need to use other methods as well. Another challenge is that while you’d expect your antivirus software to stop your computer from actually uploading malware, cybercriminals have become quite adept at evading detection by antivirus programs. Just in the last few months, criminals have used ads to lure users to fake websites offering products like Slack, Grammarly, μTorrent, Malwarebytes, and Microsoft Visual Studio. With these types of malvertising attacks on the rise, it’s hard to find a popular application or piece of software that hasn’t been used as bait. Experts are sounding the alarm that the situation with malware being distributed through Google Ads is not getting better, but if anything, seems to be getting worse. In 2022, the numbers were much higher: in its latest ad safety report, Google said it blocked over 5.2 billion ‘bad’ ads (including 142 million for violating its misrepresentation policy) and suspended 6.7 million advertiser accounts.ĭespite all the efforts by Google, the tide shows no signs of turning. In 2013, Google said it removed over 350 million ‘bad’ ads, disabled ads from more than 400,000 sites hiding malware, and banned 270,000 ‘bad’ advertisers. With the online advertising market booming, Google simply can’t keep up with the ‘bad’ ads that slip through its policies. In fact, Google ads, including the sponsored links you see in search results, have been flooded with ‘bad’ ads for years. The Google Ads malvertising problem is far from new. Google Ads: a haven for malvertising?īumblebee is just one example of malware that has the potential to spread like wildfire through ads before The Big G gets a handle on it. The PowerShell script loaded Bumblebee into the computer’s memory without running it, making its detection by antivirus software difficult.Īccording to SecureWorks, the end goal of the attackers was to deploy ransomware, a type of malware that locks your computer or files and demands a ransom payment in order to regain access. In one campaign, SecureWorks observed two files being executed during installation of a rogue Cisco software laced with Bumblebee’s venom: a legitimate installer for Cisco An圜onnect and a malicious program called PowerShell, which, in turn, contained Bumblebee. When users follow the links, they end up on fake download pages where they are greeted by “trojanized” versions of the above software. In a recent blog post, SecureWorks said that cybercriminals have been populating Google ads with links that direct users to download hot new software, such as ChatGPT, and software that is favored by remote workers: Zoom, Cisco An圜onnect, a secure remote access VPN client, and Citrix Workspace, another popular remote work application. While SEO poisoning and Google Ads abuse are complementary, our focus in this article will be specifically on Google Ads. SEO poisoning involves a cybercriminal stuffing a malicious website with keywords, fake backlinks, and content that cause the rogue site to rank higher in search results than a legitimate site. According to researchers at SecureWorks, the malware loader, which used to be distributed primarily through phishing links, is now being spread through Google ads and search engine optimization (SEO) poisoning. One of the latest examples is a malware aptly named Bumblebee. These attacks do not take a rocket scientist to pull off and have become increasingly popular in recent times. This malware can then steal personal information, install other malware, including ransomware, or even take control of the computer. From there, the user downloads a Trojan horse, believing it to be a legitimate product. An unsuspecting user, believing that Google has vetted an advertiser before running an ad, clicks on the ad and is taken to a usually harmless site that has nothing to do with the software and then redirected to a clone of the company’s official website. It works like this: cybercriminals pay Google to run an ad in search so that their link appears at the top of search results. Such is the case with some Google search ads that trick users searching for popular applications into downloading malware. Nobody likes ads, but it is one thing when they are just annoying, and quite another when they are downright dangerous.
0 Comments
Leave a Reply. |