How hackers are using Google Ads to target unsuspecting users searching for popular software online

Hackers are using Google Ads to target unsuspecting users searching for popular software online. (Photo credit: Reuters)

As the internet has advanced, a number of problems have also emerged in the virtual world. Google is one of the most used search engines, and hackers have been making extensive use of the Google Ads platform to target users. Advertisers promote their pages on Google Search using the Google Ads platform. Cyber attacks are on the rise, and it is highly important for users to exercise utmost caution online.

According to a report by Bleeping Computer, Grammarly, Dashlane, AnyDesk, Slack, Thunderbird, μTorrent, Audacity, Libre Office, Teamviewer and many more software products are being impersonated by miscreants. The report said, “The threat actors clone official websites of the above projects and distribute trojanised versions of the software when users click the download button.”

Users who search for the original software products in a browser that does not have an active ad blocker are most likely to click on the malicious links, which look very similar to the actual search results and are therefore hard to distinguish. The rogue sites are nearly invisible to visitors.

In one campaign observed by Guardio Labs, the threat actor led users to a trojanised version of Grammarly that had malware attached to it. Guardio Labs explained, “The moment those ‘disguised’ sites are being visited by targeted visitors, the server immediately redirects them to the rogue site and from there to the malicious payload.” The report also mentioned that, “This ensures that any anti-virus programmes running on the victim’s machine won’t object to the download.”

However, if Google detects that the landing site is malicious, the ads are removed and the campaign is blocked. The malware payload usually comes in MSI or ZIP form and is downloaded from GitHub, Discord’s CDN or Dropbox, which are reputable file-sharing and code-hosting services.
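For defenders, the chain described above (ad click, redirect, then an MSI or ZIP fetched from a reputable host) can be looked for in web-proxy logs. The following is an added example, not code from the article or from the reports it cites; the log format, the hostnames chosen for the named services, the ad-click markers and the five-minute window are all assumptions.

```python
from datetime import datetime, timedelta
from urllib.parse import urlsplit, parse_qs

# Assumed hostnames for the services the article names (GitHub, Discord's CDN, Dropbox).
PAYLOAD_HOSTS = ("github.com", "githubusercontent.com", "cdn.discordapp.com",
                 "dropbox.com", "dropboxusercontent.com")
PAYLOAD_EXTS = (".msi", ".zip")   # payload forms named in the article
WINDOW = timedelta(minutes=5)     # assumed correlation window

# Constructed proxy log lines: ISO timestamp, client address, requested URL.
SAMPLE_LOG = """\
2022-12-30T10:00:01 10.0.0.5 https://www.googleadservices.com/pagead/aclk?adurl=https://landing.example/&gclid=abc
2022-12-30T10:00:03 10.0.0.5 https://landing.example/
2022-12-30T10:00:04 10.0.0.5 https://rogue-clone.example/download
2022-12-30T10:00:40 10.0.0.5 https://cdn.discordapp.com/attachments/1/2/Setup.zip
2022-12-30T09:00:00 10.0.0.7 https://www.googleadservices.com/pagead/aclk?gclid=def
2022-12-30T10:30:00 10.0.0.7 https://www.dropbox.com/s/xyz/installer.zip?dl=1
2022-12-30T10:03:00 10.0.0.9 https://github.com/example-org/tool/releases/download/v1/tool.msi
"""

def is_ad_click(url):
    """Assumed ad-click markers: the click-tracking host or a gclid parameter."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    return host.endswith("googleadservices.com") or "gclid" in parse_qs(parts.query)

def is_payload(url):
    """True for an MSI/ZIP path served from one of the listed hosting services."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    on_host = any(host == h or host.endswith("." + h) for h in PAYLOAD_HOSTS)
    return on_host and parts.path.lower().endswith(PAYLOAD_EXTS)

def find_suspect_downloads(log_text):
    """Return (client, url) for payload downloads shortly after an ad click."""
    last_click, hits = {}, []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        stamp, client, url = line.split(None, 2)
        ts = datetime.fromisoformat(stamp)
        if is_ad_click(url):
            last_click[client] = ts
        elif is_payload(url) and client in last_click:
            if timedelta(0) <= ts - last_click[client] <= WINDOW:
                hits.append((client, url))
    return hits

if __name__ == "__main__":
    for client, url in find_suspect_downloads(SAMPLE_LOG):
        print(f"review: {client} fetched {url} shortly after an ad click")
```

A direct download from the same services with no preceding ad click, or one long after the click, is not flagged, which keeps ordinary use of these hosts out of the results.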


This article was first uploaded on December thirty-one, twenty twenty-two, at forty-five minutes past two in the afternoon.