Threat Awareness – Threat Actors Infecting Victims Via Ads on Google Search

To improve the chances of infecting more victims, threat actors are increasingly exploiting the Google Ads platform to push malicious downloads and spread malware via search results. The FBI warned about this activity in a public service announcement late last month, stating that cyber criminals are exploiting search engine advertisements to impersonate brands and direct users to malicious sites that host ransomware and steal login credentials and other financial data. Likewise, according to a new report by HP Wolf Security, over the last two months the company observed “a significant increase in malware distributed through malvertising, with multiple threat actors currently using this technique.” Many of the malicious ads target users looking to download popular software such as Audacity, Notepad++, Microsoft Teams, Discord, Microsoft OneNote, among others. The malicious ads are typically the first link users see when searching for software on Google and point to a fake URL (URL hijacking) domain that appears to be the original software provider’s page. To defend against this activity, members can utilize a reputable ad-blocker which are free common extensions in most web browsers. Read more at HelpNetSecurity or access the full report at HP Wolf Security here.