Search cyberveille.decio.ch

Found 22 bookmarks

Custom sorting

The forgotten malvertising campaign

In recent weeks, we have noted an increase in malvertising campaigns via Google searches. Several of the threat actors we are tracking have improved their techniques to evade detection throughout the delivery chain. We believe this evolution will have a real world impact among corporate users getting compromised via malicious ads eventually leading to the deployment of malware and ransomware. In this blog post, we look at a malvertising campaign that seems to have flown under the radar entirely for at least several months. It is unique in its way to fingerprint users and distribute time sensitive payloads.

#malwarebytes #EN #2023 #Notepad++#GoogleAds #malvertising

·malwarebytes.com·Oct 17, 2023

The forgotten malvertising campaign

Sneaky Amazon Google ad leads to Microsoft support scam

A legitimate-looking ad for Amazon in Google search results redirects visitors to a Microsoft Defender tech support scam that locks up their browser.

#bleepingcomputer #EN #2023 #GoogleAds #technical-support #scam

·bleepingcomputer.com·Aug 21, 2023

Sneaky Amazon Google ad leads to Microsoft support scam

Malvertising Used as Entry Vector for BlackCat Actors Also Leverage SpyBoy Terminator

We found that malicious actors used malvertising to distribute malware via cloned webpages of legitimate organizations. The distribution involved a webpage of the well-known application WinSCP, an open-source Windows application for file transfer. We were able to identify that this activity led to a BlackCat (aka ALPHV) infection, and actors also used SpyBoy, a terminator that tampers with protection provided by agents.

#trendmicro #EN #2023 #malware #endpoints #BlackCat #WinSCP #report #SpyBoy #GoogleAds

·trendmicro.com·Jul 3, 2023

Malvertising Used as Entry Vector for BlackCat Actors Also Leverage SpyBoy Terminator

Malvertising via brand impersonation is back again

Web search is about to embark on a new journey thanks to artificial intelligence technology that online giants such as Microsoft and Google are experimenting with. Yet, there is a problem when it comes to malicious ads displayed by search engines that AI likely won't be able to fix.

#malwarebytes #EN #2023 #brand #impersonation #GoogleAds

·malwarebytes.com·May 24, 2023

Malvertising via brand impersonation is back again

BatLoader Continues to Abuse Google Search Ads to Deliver…

Learn more about the BatLoader malware, how we detected the attack, and recommendations from our Threat Response Unit (TRU) to protect your business from…

#esentire #EN #2023 #BatLoader #GoogleAds #vidar #ursnif

·esentire.com·Mar 15, 2023

BatLoader Continues to Abuse Google Search Ads to Deliver…

Bitwarden password vaults targeted in Google ads phishing attack

Bitwarden and other password managers are being targeted in Google ads phishing campaigns to steal users' password vault credentials.

#bleepingcomputer #EN #2023 #1Password #Bitwarden #GoogleAds #googleads #MFA #Multi-Factor-Authentication #Password-Manager #Passwords #Phishing

·bleepingcomputer.com·Feb 8, 2023

Bitwarden password vaults targeted in Google ads phishing attack

Malware-Traffic-Analysis.net - 2023-02-03 - DEV-0569 activity: Google ad -- FakeBat Loader -- Redline Stealer & Gozi/ISFB/Ursnif

NOTES: Zip files are password-protected. If you don't know the password, see the "about" page of this website. IOCs are listed on this page below all of the images.

#malware-traffic-analysis #EN #2023 #analysis #googleads #DEV-0569 #CPU-Z #IoCs

·malware-traffic-analysis.net·Feb 5, 2023

Malware-Traffic-Analysis.net - 2023-02-03 - DEV-0569 activity: Google ad -- FakeBat Loader -- Redline Stealer & Gozi/ISFB/Ursnif

.NET Virtualization Thrives in Malvertising Attacks

.NET malware loaders distributed through malvertising are using obfuscated virtualization for anti-analysis and evasion in an ongoing campaign.

#sentinelone #EN #2023 #Malvertising #googleads

·sentinelone.com·Feb 2, 2023

.NET Virtualization Thrives in Malvertising Attacks

Google sponsored ads malvertising targets password manager

We have recently written about malvertising campaigns that leverage Google paid advertisements to try and trick people into downloading malware instead of the software they were looking for. This malware then stole login credentials from the affected system.

#malwarebytes #EN #2023 #Google #googleads #passwordmanagers #malware

·malwarebytes.com·Feb 1, 2023

Google sponsored ads malvertising targets password manager

Breaking Down the SEO Poisoning Attack | How Attackers Are Hijacking Search Results

SEO poisoning is gaining momentum as threat actors leverage malicious ads to deliver malware through web browser searches.

#sentinelone #EN #2023 #SEO #poisoning #Hijacking #Search #Results #googleads #malware #web #malicious

·sentinelone.com·Jan 21, 2023

Breaking Down the SEO Poisoning Attack | How Attackers Are Hijacking Search Results

Hackers push malware via Google search ads for VLC, 7-Zip, CCleaner

Hackers are setting up fake websites for popular free and open-source software to promote malicious downloads through advertisements in Google search results.

#bleepingcomputer #EN #2023 #googleads #Advertisement #Google #Info-Stealer #RedLine #Search #Vidar

·bleepingcomputer.com·Jan 20, 2023

Hackers push malware via Google search ads for VLC, 7-Zip, CCleaner

InfoSec Handlers Diary Blog - SANS Internet Storm Center

Malicious Google Ad --> Fake Notepad++ Page --> Aurora Stealer malware

#SANS #EN #2023 #googleads #Fake #Notepad #Aurora #Stealer #malware

·isc.sans.edu·Jan 18, 2023

InfoSec Handlers Diary Blog - SANS Internet Storm Center

Google Ads Malware Wipes NFT Influencer's Crypto Wallet

NFT influencer @NFT_GOD downloaded malware through Google Ads while attempting to download OBS, an open-source video streaming software.

#hackread #EN #2023 #googleads #OBS #open-source #abuse #influencer #NFT

·hackread.com·Jan 18, 2023

Google Ads Malware Wipes NFT Influencer's Crypto Wallet

BatLoader Continues to Abuse Google Search Ads to Deliver…

Learn more about the BatLoader malware, how we detected the attack, and recommendations from our Threat Response Unit (TRU) to protect your business from…

#esentire #EN #2023 #BatLoader #GoogleAds #vidar #ursnif

·esentire.com·Mar 15, 2023

BatLoader Continues to Abuse Google Search Ads to Deliver…

Bitwarden password vaults targeted in Google ads phishing attack

Bitwarden and other password managers are being targeted in Google ads phishing campaigns to steal users' password vault credentials.

#bleepingcomputer #EN #2023 #1Password #Bitwarden #GoogleAds #googleads #MFA #Multi-Factor-Authentication #Password-Manager #Passwords #Phishing

·bleepingcomputer.com·Feb 8, 2023

Bitwarden password vaults targeted in Google ads phishing attack

Malware-Traffic-Analysis.net - 2023-02-03 - DEV-0569 activity: Google ad -- FakeBat Loader -- Redline Stealer & Gozi/ISFB/Ursnif

NOTES: Zip files are password-protected. If you don't know the password, see the "about" page of this website. IOCs are listed on this page below all of the images.

#malware-traffic-analysis #EN #2023 #analysis #googleads #DEV-0569 #CPU-Z #IoCs

·malware-traffic-analysis.net·Feb 5, 2023

Malware-Traffic-Analysis.net - 2023-02-03 - DEV-0569 activity: Google ad -- FakeBat Loader -- Redline Stealer & Gozi/ISFB/Ursnif

.NET Virtualization Thrives in Malvertising Attacks

.NET malware loaders distributed through malvertising are using obfuscated virtualization for anti-analysis and evasion in an ongoing campaign.

#sentinelone #EN #2023 #Malvertising #googleads

·sentinelone.com·Feb 2, 2023

.NET Virtualization Thrives in Malvertising Attacks

Google sponsored ads malvertising targets password manager

#malwarebytes #EN #2023 #Google #googleads #passwordmanagers #malware

·malwarebytes.com·Feb 1, 2023

Google sponsored ads malvertising targets password manager

Breaking Down the SEO Poisoning Attack | How Attackers Are Hijacking Search Results

SEO poisoning is gaining momentum as threat actors leverage malicious ads to deliver malware through web browser searches.

#sentinelone #EN #2023 #SEO #poisoning #Hijacking #Search #Results #googleads #malware #web #malicious

·sentinelone.com·Jan 21, 2023

Breaking Down the SEO Poisoning Attack | How Attackers Are Hijacking Search Results

Hackers push malware via Google search ads for VLC, 7-Zip, CCleaner

Hackers are setting up fake websites for popular free and open-source software to promote malicious downloads through advertisements in Google search results.

#bleepingcomputer #EN #2023 #googleads #Advertisement #Google #Info-Stealer #RedLine #Search #Vidar

·bleepingcomputer.com·Jan 20, 2023

Hackers push malware via Google search ads for VLC, 7-Zip, CCleaner

InfoSec Handlers Diary Blog - SANS Internet Storm Center

Malicious Google Ad -- Fake Notepad++ Page -- Aurora Stealer malware

#SANS #EN #2023 #googleads #Fake #Notepad #Aurora #Stealer #malware

·isc.sans.edu·Jan 18, 2023

InfoSec Handlers Diary Blog - SANS Internet Storm Center

Google Ads Malware Wipes NFT Influencer's Crypto Wallet

NFT influencer @NFT_GOD downloaded malware through Google Ads while attempting to download OBS, an open-source video streaming software.

#hackread #EN #2023 #googleads #OBS #open-source #abuse #influencer #NFT

·hackread.com·Jan 18, 2023

Google Ads Malware Wipes NFT Influencer's Crypto Wallet