SecurityAffairs: A malvertising campaign is delivering a new version of the macOS Atomic Stealer https://securityaffairs.com/150470/malware/macos-atomic-stealer-malvertising.html #informationsecuritynews #ITInformationSecurity #AtomicmacOSStealer #PierluigiPaganini #SecurityAffairs #BreakingNews #malvertising #SecurityNews #hackingnews #CyberCrime #Cybercrime #Hacking #Malware #malware #macOS

Might be this #malvertising #malware going through Google and Bing. https://news.sophos.com/en-us/2023/07/26/into-the-tank-with-nitrogen/

HackRead: Malvertising Attack Drops BlackCat Ransomware via Fake Search Results https://www.hackread.com/fake-search-malvertising-attack-blackcat-ransomware/ #ScamsandFraud #Vulnerability #Malvertising #CyberAttack #Security #security #Malware #ALPHV #RaaS #Scam

HackRead: Malvertising Attack Drops BlackCat Ransomware via Fake Search Results https://www.hackread.com/fake-search-malvertising-attack-blackcat-ransomware/ #ScamsandFraud #Vulnerability #Malvertising #CyberAttack #Security #security #Malware #ALPHV #RaaS #Scam

@rfwaveio

Google: Spreads malware via ads the thousandth time.

Also Google: problem with adblockers, yada yada yada

https://arstechnica.com/gadgets/2023/07/googles-web-integrity-api-sounds-like-drm-for-the-web/

#Google #malvertising

Neue Ransomware für Windows: TrendMicro-Sicherheitsforscher haben einen kürzlich aufgetauchten Ransomware-Stamm mit dem Namen "Big Head" analysiert, der sich möglicherweise über Malvertising verbreitet, das für gefälschte Windows-Updates und Microsoft Word-Installationsprogramme wirbt:
https://www.trendmicro.com/en_us/research/23/g/tailing-big-head-ransomware-variants-tactics-and-impact.html

#Ransomware #Malvertising #windows #trendmicro #DaSS #Datenschutz #Datensicherheit

#Malvertising: #BlackCat-#Ransomware versteckt sich hinter Fake-WinSCP-Tool | Security https://www.heise.de/news/Vorsicht-vor-Malvertising-Fake-WinSCP-Tool-verbreitet-BackCat-Ransomware-9204958.html #Malware

https://arstechnica.com/tech-policy/2023/05/googlers-angry-about-ceos-226m-pay-after-cuts-in-perks-and-12000-layoffs/ Sundar Pichai is a #traitor and #EnemyOfTheState as he facilitates and enables #Malvertising for his own paycheck.

#Bumblebee-#Malware: Opfersuche mit #Malvertising für trojanisierte Installer | Security https://www.heise.de/news/Malvertising-Bumblebee-Malware-in-trojanisierten-Installern-8977016.html #CyberCrime

#Singapore tells its people: block those ads https://www.theregister.com/2023/04/25/singapore_gov_ads/ "Singapore isn’t the first and only government to advocate ad blockers. Similar advice was issued in a public service announcement from the FBI at the end of last year, surely to the dismay of internet publishers." I never heard about that until now, though I've used content blockers since 2003. #ad #ads #malvertising

Google ad leading to likely a tech support #scam posing as #Malwarebytes support.

ransomwarebyte[.]com

#malvertising

Seeing more similar samples today, all coming from malicious #Google ads. Some keywords have been "pdf-tools" and "Advanced IP Scanner".

Payloads are MSIX files containing a PowerShell script which downloads the #Redline stealer.

IOCs:
adv-sect[.]site
advert-job[.]ru
pdf-editor[.]store
advanced-ip-scanner[.]world/

Ad Domains:
tucsontreeservicecompany[.]com
branchmanconstruction[.]com

#iocs #malware #malvertising

An interesting malvertisement this morning. Instead of immediately presenting a cloned downloaded page, it has the user "sign up" for a plan, and then "win" a trial version of the software.

Event chain:
Search for "Restream" -->

Malicious #Google Ad -->

https://carthart[.]info/download-643d320a5804c.php -->

https://www.dropbox[.]com hosting the payload.

https://www.virustotal.com/gui/file/34a4cb0535e2472f16ab08cb3db266f3bb0baa9bf1d7bc26307f0766d72de663/details

#malvertising #ioc #malware

Noticing a little more Google malvertising over the last few days. A search for PDF tools leads to the following:

#Google Ad --> roi-calc[.]com -->
pdf-editor[.]store/ -->
advert-job[.]ru/pdf.php?site=pdf-editor -->
adv-pardorudy[.]site/dwnld/PdfExtra-x86.msi

The MSI contained a double base64 encoded PowerShell script, which downloads two more malicious files, one of which is #redline stealer.

#malvertising #ioc

As usual, great #threatintel about #malvertising by @malwareinfosec

https://infosec.exchange/@malwareinfosec/110197557003627270

Google may have cracked down on ads leading to info-stealer malware, but scams and other shady activity are still easy to find.

For example, if someone were wanting to enter a code for Amazon Prime and were searching for Amazon MyTv, they could easily click on one of these ads.

The phone numbers lead to a "tech support" desk, where someone tries to coerce the user into installing a remote access tool.

#google #malvertising #scam #rmm

Qué es el #Malvertising y cómo prevenirlo… https://amp.sport.es/es/noticias/tecnologia/contamos-malvertising-prevenirlo-85207250

Today, Google published their Ads Safety Report for 2022 in which they publicly admitted that "[...] at the end of 2022 and into the new year, we faced a targeted campaign of scammers creating thousands of accounts to spread malware by impersonating popular software brands" 🔥🔍 #malvertising

The good news is that Google "[...] quickly identified how scammers were spreading their malware and put additional restrictions to block their ability to harm consumers."

Full report is available here:
👉 https://blog.google/products/ads-commerce/our-2022-ads-safety-report/

🚨 #Malvertising alert! Cybercriminals are back with a bang, targeting your favorite software & crypto wallets! 😱 Stay ahead of these digital con artists with robust security solutions and DNS filtering. 🔒💻🔥 #Cybersecurity #StaySafeOnline https://cybersec.banyansecurity.io/s/malvertising-and-vermux-cybercrime-goes-mad-men-7763

Malvertising through search engines | Securelist

#Google #malware #malvertising

https://securelist.com/malvertising-through-search-engines/108996/