Security News > 2023 > January > Hackers push malware via Google search ads for VLC, 7-Zip, CCleaner
Hackers are setting up fake websites for popular free and open-source software to promote malicious downloads through advertisements in Google search results.
The distribution method was unknown at the time but separate reports in December from cybersecurity companies Trend Micro and Guardio revealed that hackers were abusing the Google Ads platform to push malicious downloads in search results.
Following NFT God's thread, BleepingComputer conducted its own research and uncovered that OBS is one in a long list of software that threat actors impersonate to push malicious downloads in Google Ads search results.
BleepingComputer also found a website filled with fake software downloads distributed solely via Google Ads search results.
We could not verify if the downloads were malicious but given that the domain is a typosquatted URL, the site blocks search engines from indexing content and promoting the downloads only through ads in search results, there is a strong indication of malicious activity.
Germán Fernández of cybersecurity company CronUp provides a list of 70 domains that are distributing malware through Google Ads search results by impersonating legitimate software.
News URL
Related news
- SpyLoan Android malware on Google play installed 8 million times (source)
- 8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play (source)
- Hackers Leveraging Cloudflare Tunnels, DNS Fast-Flux to Hide GammaDrop Malware (source)
- Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection (source)
- North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign (source)
- New details reveal how hackers hijacked 35 Google Chrome extensions (source)
- Russia-Linked Hackers Target Kazakhstan in Espionage Campaign with HATVIBE Malware (source)
- Hackers use Google Search ads to steal Google Ads accounts (source)
- Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer (source)
- Fake Homebrew Google ads target Mac users with malware (source)