Search cyberveille.decio.ch

Malvertising Used as Entry Vector for BlackCat Actors Also Leverage SpyBoy Terminator

We found that malicious actors used malvertising to distribute malware via cloned webpages of legitimate organizations. The distribution involved a webpage of the well-known application WinSCP, an open-source Windows application for file transfer. We were able to identify that this activity led to a BlackCat (aka ALPHV) infection, and actors also used SpyBoy, a terminator that tampers with protection provided by agents.

#trendmicro #EN #2023 #malware #endpoints #BlackCat #WinSCP #report #SpyBoy #GoogleAds

·trendmicro.com·Jul 3, 2023

Malvertising Used as Entry Vector for BlackCat Actors Also Leverage SpyBoy Terminator

Google sponsored ads malvertising targets password manager

We have recently written about malvertising campaigns that leverage Google paid advertisements to try and trick people into downloading malware instead of the software they were looking for. This malware then stole login credentials from the affected system.

#malwarebytes #EN #2023 #Google #googleads #passwordmanagers #malware

·malwarebytes.com·Feb 1, 2023

Google sponsored ads malvertising targets password manager

Breaking Down the SEO Poisoning Attack | How Attackers Are Hijacking Search Results

SEO poisoning is gaining momentum as threat actors leverage malicious ads to deliver malware through web browser searches.

#sentinelone #EN #2023 #SEO #poisoning #Hijacking #Search #Results #googleads #malware #web #malicious

·sentinelone.com·Jan 21, 2023

Breaking Down the SEO Poisoning Attack | How Attackers Are Hijacking Search Results

InfoSec Handlers Diary Blog - SANS Internet Storm Center

Malicious Google Ad --> Fake Notepad++ Page --> Aurora Stealer malware

#SANS #EN #2023 #googleads #Fake #Notepad #Aurora #Stealer #malware

·isc.sans.edu·Jan 18, 2023

InfoSec Handlers Diary Blog - SANS Internet Storm Center

Google Ads Exploited to Spread Malware

Google Ads is one of the most popular advertising platform, but it's also a target for cybercriminals. Learn how they are using it to spread malware.

#heimdalsecurity #EN #2022 #googleads #abuse #Malware #Exploited

·heimdalsecurity.com·Jan 18, 2023

Google Ads Exploited to Spread Malware

“MasquerAds” — Google’s Ad-Words Massively Abused by Threat Actors, Targeting Organizations, GPUs and Crypto Wallets

A newly uncovered technique to abuse Google’s ad-words powerful advertisement platform is spreading rogue promoted search results in mass. Pointing to allegedly credible advertisement sites that are fully controlled by threat actors, those are used to masquerade and redirect ad-clickers to malicious phishing pages gaining the powerful credibility and targeting capabilities of Google’s search results. Adding customized malware payloads, threat actors are raising the bar for successful malware deployments on Personal PCs with ad words like Grammarly, Malwarebytes, and Afterburner as well as with Visual Studio, Zoom, Slack, and even Dashlane to target organizations.

#labs.guard.io #EN #2022 #googleads #technique #advertisement #abuse #malware #distribution

·labs.guard.io·Jan 18, 2023

“MasquerAds” — Google’s Ad-Words Massively Abused by Threat Actors, Targeting Organizations, GPUs and Crypto Wallets

Google sponsored ads malvertising targets password manager

We have recently written about malvertising campaigns that leverage Google paid advertisements to try and trick people into downloading malware instead of the software they were looking for. This malware then stole login credentials from the affected system.

#malwarebytes #EN #2023 #Google #googleads #passwordmanagers #malware

·malwarebytes.com·Feb 1, 2023

Google sponsored ads malvertising targets password manager

Breaking Down the SEO Poisoning Attack | How Attackers Are Hijacking Search Results

SEO poisoning is gaining momentum as threat actors leverage malicious ads to deliver malware through web browser searches.

#sentinelone #EN #2023 #SEO #poisoning #Hijacking #Search #Results #googleads #malware #web #malicious

·sentinelone.com·Jan 21, 2023

Breaking Down the SEO Poisoning Attack | How Attackers Are Hijacking Search Results

InfoSec Handlers Diary Blog - SANS Internet Storm Center

Malicious Google Ad -- Fake Notepad++ Page -- Aurora Stealer malware

#SANS #EN #2023 #googleads #Fake #Notepad #Aurora #Stealer #malware

·isc.sans.edu·Jan 18, 2023

InfoSec Handlers Diary Blog - SANS Internet Storm Center

Google Ads Exploited to Spread Malware

Google Ads is one of the most popular advertising platform, but it's also a target for cybercriminals. Learn how they are using it to spread malware.

#heimdalsecurity #EN #2022 #googleads #abuse #Malware #Exploited

·heimdalsecurity.com·Jan 18, 2023

Google Ads Exploited to Spread Malware

“MasquerAds” — Google’s Ad-Words Massively Abused by Threat Actors, Targeting Organizations, GPUs and Crypto Wallets

A newly uncovered technique to abuse Google’s ad-words powerful advertisement platform is spreading rogue promoted search results in mass. Pointing to allegedly credible advertisement sites that are fully controlled by threat actors, those are used to masquerade and redirect ad-clickers to malicious phishing pages gaining the powerful credibility and targeting capabilities of Google’s search results. Adding customized malware payloads, threat actors are raising the bar for successful malware deployments on Personal PCs with ad words like Grammarly, Malwarebytes, and Afterburner as well as with Visual Studio, Zoom, Slack, and even Dashlane to target organizations.

#labs.guard.io #EN #2022 #googleads #technique #advertisement #abuse #malware #distribution

·labs.guard.io·Jan 18, 2023

“MasquerAds” — Google’s Ad-Words Massively Abused by Threat Actors, Targeting Organizations, GPUs and Crypto Wallets