Jump to content
  • This painful malware targets new victims through Google Ads

    aum

    • 335 views
    • 2 minutes
     Share


    • 335 views
    • 2 minutes

    Look out for these dodgy Google Ads experts warn

     

    Cybersecurity firm Secureworks has discovered a new malware strain digsuising itself as Google Ads, and it’s spreading quickly.

     

    Known as Bumblebee, the malware was initially discovered over a year ago and would typically spread itself via phishing attacks, but Secureworks has warned the actor behind the malicious download is now getting more creative and jumping on a new trend.

     

    In Securework’s recent 2022 State of the Threat report, it discovered in increase in attacks of trojanized software that are being distributed via Google Ads or SEO poisoning, and Bumblebee is just one of many experimenting with this increasingly popular method.


    Bumblebee malware via Google Ads

     

    The malware’s reaches are far beyond the search engine, with examples found across many popular business apps like Zoom, Cisco AnyConnect, ChatGPT, and Citrix Workspace. Victims installing what they think is legitimate software from the fake download pages then get infected with the malware.

     

    The firm’s Director of Intelligence, Mike McLellan, explained that as many as 1% of online ads contain malicious content. McLellan described the typical scenario during which a victim is attacked: rather than downloading software via a company’s IT team, many remote workers are taking control and heading online themselves, unaware of the potential risks.

     

    The report details the download of a legitimate Cisco AnyConnect VPN installer “which had been modified to contain the Bumblebee malware.” As a result, the threat actor not only got access to the victim’s system, but also deployed additional tools like Cobalt Strike.

     

    McLellan explains that the new findings only go to demonstrate how important it is that companies have strict policies in place for restricting access to web ads and managing privileges on software downloads.

     

    Beyond this, workers are advised to create their own path direct to the legitimate website rather than follow a stream of links or ads - or to entirely remove themselves from the process and request that their company’s IT team takes over.

     

    Source


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...