Report: malware is distributed via Google Ads at an alarming rate
#1
Exclamation 
Quote:Search engine ads have always seen some level of abuse by malicious actors to spread malware. An ad is placed at the top of results on Google Search and most other search engines, which means that it will get more exposure than other other link on the site.

Over the past weeks, researchers have witnessed an increase in malware campaigns that use Google Search ads. Spamhaus Technology, for example, published a report on February 2nd, 2023 on the current increase in malvertising activity. Malvertising, which stands for malware advertising, is spreading "numerous malware" by impersonating programs and brands such as Adobe Reader, GIMP, Thunderbird or Microsoft Teams.
 [Image: google-search-ads-1.png]

Search ads are based on keywords most of the time. When a searcher runs an exact match keyword or a partial match, ads may be displayed based on parameters that the individual or organization selected during setup.

These ads point to web addresses. In the case of malvertising, links point to fake website that offer downloads for the requested programs. These downloads contain malicious payloads, which are then installed on user devices when they are downloaded and run. The fake websites are made to look like the real websites, but unlike phishing sites, are not bit-by-bit copies of the originals.

Google seems to have removed the reported malvertising campaigns, but it seems likely that new campaigns will be created by malicious actors. While that requires some time for setup, as new Google Adwords accounts need to be created and new domains need to be set up, it is clear that new campaigns will make an appearance on Google Search unless Google is taking action against these campaigns.

Spamhaus believes that Google could reduce the risk of malvertising campaigns by disallowing links to domains that are newly registered. Additional protections would certainly help, but malware actors may resort to buying domains on the second hand market to use them in their campaigns.

SentinelLabs reported an increase in malvertising as well this week.

What users may do to protect themselves

Internet users have a number of options at their disposal to improve protection against malicious advertising and malware in general.

One of the easier options is to ignore ads, especially when it comes to downloads. Google Ads are barely distinguishable from organic content, which may make it difficult for some users to spot the difference.

Certain content blockers, including uBlock Origin, block ads on search engines by default. Others need to be configured to block these ads on the search engine sites.

Another option that users have is to start using a different search engine. Most are financed through ads though, but most are too small to be lucrative targets at the moment.

Now You: which search engine do you prefer?
...
Continue Readng
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
Intel to release another microcode upda...
Intel confirms 13th/...harlan4096 — 09:12
Adobe will disable Adobe Elements 2025 t...
Adobe announced ne...harlan4096 — 09:11
iOS 18.0.1 fixes iPhone touch screen pro...
Apple has released...harlan4096 — 09:09
K-Lite Codec Pack 18.5.5 / 18.5.7 Update
Changes in 18.5.7:...harlan4096 — 09:32
AdGuard Browser Extension 5.0.128
AdGuard Browser Ex...harlan4096 — 09:31

[-]
Birthdays
Today's Birthdays
avatar (47)Konradsuiz
avatar (37)haupeadvoge
avatar (41)RobertBrura
Upcoming Birthdays
avatar (46)Michaelaceve
avatar (36)QuadirLigh
avatar (37)Mblippek
avatar (40)guerigGep
avatar (43)viecontAceve
avatar (48)wohnkwagVib
avatar (43)Michaelsen
avatar (36)armaMIZ
avatar (47)lambrnag
avatar (48)AlbertDig
avatar (48)beipHit
avatar (44)Wendigortup
avatar (37)Timothynet
avatar (40)MichaelHig
avatar (36)icebywiwy
avatar (44)Cameronreoxy
avatar (40)BrendaRusia
avatar (46)maggiebz16
avatar (37)MarthaWes
avatar (46)vikgoMam
avatar (39)Michaelcrini
avatar (37)DonaldSoM

[-]
Online Staff
There are no staff members currently online.

>