Also posted at: https://twitter.com/malware_traffic/status/1621728889486671873

2023-02-03 (Friday) - DEV-0569 activity: Google ad fake CPUID page --> "FakeBat" Loader --> Redline Stealer & Gozi/ISFB/Ursnif

IOCs, pcap of the infection, and associated malware/artifacts available at: https://malware-traffic-analysis.net/2023/02/03/index.html

Tags: #DEV0569 #FakeBat #Gozi #ISFB #Malware #pcap #Redline #RedlineStealer #Ursnif

Hopefully, recent blogs about all these malicious Google ads will force Google to change something. But I have a feeling Google will keep on being Google.