Security News > 2023 > February > Malware Delivered through Google Search
Criminals using Google search ads to deliver malware isn't new, but Ars Technica declared that the problem has become much worse recently.
In the past, these families typically relied on phishing and malicious spam that attached Microsoft Word documents with booby-trapped macros.
Over the past month, Google Ads has become the go-to place for criminals to spread their malicious wares that are disguised as legitimate downloads by impersonating brands such as Adobe Reader, Gimp, Microsoft Teams, OBS, Slack, Tor, and Thunderbird.
It's clear that despite all the progress Google has made filtering malicious sites out of returned ads and search results over the past couple decades, criminals have found ways to strike back.
These criminals excel at finding the latest techniques to counter the filtering.
As soon as Google devises a way to block them, the criminals figure out new ways to circumvent those protections.
News URL
https://www.schneier.com/blog/archives/2023/02/malware-delivered-through-google-search.html
Related news
- Fake Homebrew Google ads target Mac users with malware (source)
- Crypto-stealing iOS, Android malware found on App Store, Google Play (source)
- Fake Google Chrome Sites Distribute ValleyRAT Malware via DLL Hijacking (source)
- Week in review: Exploited 7-Zip 0-day flaw, crypto-stealing malware found on App Store, Google Play (source)
- SpyLend Android malware downloaded 100,000 times from Google Play (source)