Security News > 2021 > April > Google Alerts continues to be a hotbed of scams and malware
Google Alerts continues to be a hotbed of scams and malware that threat actors are increasingly abusing to promote malicious websites.
While Google Alerts has been abused for a long time, BleepingComputer has noticed a significant increase in activity over the past couple of weeks.
Even if you configure your Google Alert only to show you the best results, the scam alerts will often sneak through only to be detected when you open them.
When a user gets to the site through a Google Alert URL, they will be redirected to malicious sites pushing malware or scams.
When opening up one of the Google Alerts links in Firefox, the link redirected me to a page promoting software called 'YoutubeToMP3,' which has 24/69 VirusTotal detections.
After installing the malware, a headless Chromium browser is launched in the background performing suspicious activity while utilizing 27% of the CPU. As Google is never shown the redirect to malicious sites, the web page is added to the search index, and a Google Alert is fired off to anyone who is monitoring those keywords.
News URL
Related news
- Cyberattackers Exploit Google Sheets for Malware Control in Likely Espionage Campaign (source)
- New Voldemort malware abuses Google Sheets to store stolen data (source)
- North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams (source)
- Malware locks browser in kiosk mode to steal Google credentials (source)
- Android malware 'Necro' infects 11 million devices via Google Play (source)
- New Octo Android malware version impersonates NordVPN, Google Chrome (source)
- Google Joins Forces with GASA and DNS RF to Tackle Online Scams at Scale (source)