1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Fake Google ads are trying to trick users into downloading nasty

    From TechnologyDaily@1337:1/100 to All on Mon Jan 29 20:30:05 2024
    Fake Google ads are trying to trick users into downloading nasty malware here's how you can fight back

    Date:
    Mon, 29 Jan 2024 20:28:37 +0000

    Description:
    Victims targeted by malvertising campaign using Google Ads to deliver malware.

    FULL STORY ======================================================================

    Consumers in China looking to access banned communications apps such as Telegram are being targeted by threat actors looking to deploy various
    malware .

    This is according to a new report from Malwarebytes Jrme Segura, who found unnamed hackers have been using two Google Ads accounts to publish malicious ads.

    The accounts, both from Nigeria, were either previously compromised, or built from scratch for this particular use. Bypassing MFA

    The accounts were used to create ads pointing to pages pretending to be download sites for Telegram, WhatsApp, LINE, and other communications apps forbidden in the lands beyond the Great Firewall. Consumers who were previously searching for these apps online are targeted, and being displayed these ads. Those who fall for the trap and download the apps end up receiving PlugX and Gh0st RAT malware variants.

    "It also appears that the threat actor privileges quantity over quality by constantly pushing new payloads and infrastructure as command-and-control," Segura said in the report.

    The campaign seems to be a continuation of the campaign called FakeAPP, which saw Hong Kong users targeted in a similar manner, in late October last year.

    Malicious ads are nothing new. Hackers are always on the hunt, not just for Google Ads accounts, but also for Facebook Business accounts, used to run ads on the Facebook platform. As all ads go through multiple hoops before they
    are allowed to run, having a verified account that already had legitimate, active campaigns, in the past, increases the chances for threat actors to smuggle their own campaigns.

    As usual, the best way to fight back is to create strong passwords for such accounts, and update them regularly. Having MFA enabled also helps. On the consumer side of things, its best to use common sense and be skeptical of things sounding too good to be true. Consumers should also mind the URL of
    the websites theyre visiting, type in the addresses instead of searching for things whenever possible, and stay away from hacked, cracked, and jailbroken software.

    Via The Hacker News More from TechRadar Pro Watch out, there's a new malvertising scheme spreading dangerous ransomware Here's a list of the best firewalls around today These are the best endpoint security tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/fake-google-ads-are-trying-to-trick-use rs-into-downloading-nasty-malware-heres-how-you-can-fight-back


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)