On today’s show (releases at 4pm PT):
🐦 The newest #Twitter competitor comes from… #Meta
🤖 Republicans use AI-generated ad against Biden
📉 #GoogleAd revenue declines for second quarter
⛔ Singapore government encourages ad blockers
📱 #BeReal struggles, adds new features
🔐 #GoogleAuthenticator now syncs 2FA codes to cloud
💡 #TikTok reveals #creator collaboration tips
🎥 #Yelp allows video additions to reviews
https://todayindigital.com/

#digitalmarketing #metaads #facebookads #instagramads #seoul

@rmceoin I'm working on a little something based on your bash/python script to scan for #GoogleAd #malvertising

It's a #python script using #Selenium #WebDriver. It will script a Chrome browser to search google for an application, and then visit each add that isn't on an "ignore list". It takes screenshots while it does this and logs all the HTML from the ads, as well as parsing metadata from the ads.

That much is working now. My next step is to have it visit the sites, look for download links, and then submit any downloads to #virustotal

I don't think I will have bit complete tomorrow, so maybe next weekend.

This video goes by really fast (the Chrome interaction is automated) but it opens the non-ignored ad in a new tab and records all it's metadata.

#FollowFriday #FF You should follow @rmceoin

His work on identifying #GoogleAd #malvertising is simple, approachable, and effective.

I've gotten more actionable #ThreatIntel from his script this week than I got from 3 top commercial vendors.

@rmceoin Yesterday I started experimenting with your script to find #GoogleAd #malvertising associating with fake software.

I expanded the list of terms to use in search to include #cryptocurrency wallets as well as few programs I saw in other #ThreatIntel reports.

The crypto wallet lead was a good one. I found monxmrwal[.]xyz searching for "defi wallet" and it redirected to blockxmrchaln[.]xyz which offered up a downloader for a malicious #monero wallet via #discord CDN URL.

hxxps://cdn[.]discordapp[.]com/attachments/1069548672313991170/1069636220273037422/setupfile2.8.1.zip

What I'm getting from running your script is that there is much more malversating occur using software download lures.