b2b-daily
Search
Close this search box.
Search
Close this search box.
Home | IT | Cyber Security

Cybercriminals Hijack Google Ads for Malware Attacks

Avatar photo
by Dwaine Evans
May 14, 2024
Cybercriminals Hijack Google Ads for Malware Attacks

The landscape of digital advertising has become a battleground for cybersecurity as cybercriminals exploit sponsored Google Ads to deliver malware. A recent report by eSentire’s Threat Response Unit (TRU) has uncovered that the notorious Russian hacker group FIN7 masqueraded as trusted software brands like AnyDesk, WinSCP, and even Google Meet to set their trap. Unsuspecting users searching for these legitimate applications were taken in by the deceptive sponsored ads and, believing they were downloading useful software, were instead downloading malware-infected files.

The Deceptive Strategy

FIN7’s strategy involved the meticulous creation of signed MSIX files—a Windows packaging format—that were presented as legitimate browser extensions. These were disseminated by entities with seemingly credible names, “SOFTWARE SP Z O O” and “SOFTWARE BYTES LTD.” Despite these professional-sounding entity names, the security certificates were anything but legitimate and were soon revoked. The packages employed a sophisticated multi-stage infection process, starting with system information reconnaissance and culminating in the deployment of the NetSupport RAT and DiceLoader malware.

The group used a tailored combination of C2 URLs and scripts, highlighting a careful and calculated approach to ensure success in their attacks. One alarming detail in TRU’s report detailed the speed of FIN7’s maneuvering; within a scant few hours of infection, the group conducted surveillance on the compromised user, collected Active Directory data, and swiftly installed additional malware. Such rapid execution underscores the group’s expertise and the sophistication of their multi-stage payloads.

Essential Cybersecurity Measures

Cybersecurity in digital advertising is under siege as hackers use Google Ads for malware distribution. A report from eSentire’s Threat Response Unit sheds light on FIN7, a Russian cybercrime group, deviously impersonating reputable software like AnyDesk and WinSCP, along with Google Meet. Users looking for these legitimate apps on search engines could be lured into clicking on malicious paid ads. These ads seem trustworthy but lead to the downloading of malware-laden counterfeit software. This sophisticated ploy by FIN7 highlights the persistent threat of ad-based cyberattacks and emphasizes the need for vigilance among internet users. Ensuring software is downloaded from official sources has become critical in avoiding these cleverly disguised threats. This incident serves as a stark reminder of the evolving tactics of cybercriminals and the importance of advanced cybersecurity measures to protect against such deceptive practices in digital advertising spaces.

Digital TransformationInformation Security

Explore more

Email Marketing Drives Ecommerce Growth and Loyalty
May 16, 2025

In an era dominated by social media and ever-evolving digital platforms, email marketing has carved its niche as a cornerstone strategy for ecommerce brands seeking growth and customer loyalty. While flashy apps and websites pop up with regularity, emails quietly continue to offer consistent, adaptable solutions for engaging audiences effectively. A cornerstone statistic from the Data & Marketing Association has

Will Validity’s Acquisition Revolutionize Email Marketing?
May 16, 2025

In a strategic move, Validity has successfully acquired Litmus to revolutionize the email marketing landscape by integrating Litmus’s advanced email optimization and testing capabilities into Validity’s robust platform. Validity, renowned for its expertise in managing CRM data and email verification, aims to construct a comprehensive system that oversees every phase of the email campaign lifecycle. With products such as DemandTools

Can You Stay Ahead in Digital Marketing Innovation?
May 16, 2025

In the rapidly evolving world of digital marketing, staying ahead of innovation poses a formidable challenge for industry professionals. As technology advances, new tools, strategies, and platforms emerge at a breakneck pace, leaving marketers in constant pursuit of the latest trends. The upcoming digital marketing conference highlights the importance of embracing these technological shifts, urging senior marketing leaders to gather

Can Sender Revolutionize Email Marketing for Small Businesses?
May 16, 2025

The rapidly evolving landscape of digital marketing presents both opportunities and challenges for small businesses striving to establish their presence amid fierce competition. Email marketing has long been an essential tool in this realm, but the prohibitive costs and complex features of many platforms have frequently hampered access for smaller entities. Against this backdrop, Sender emerges as a compelling alternative—a

Can HPE Eclipse VMware in the Private Cloud Race?
May 16, 2025

The private cloud market has long been a competitive realm filled with robust technologies and innovative solutions. Among the major players, Hewlett Packard Enterprise (HPE) and VMware stand out for their ongoing rivalry in providing cloud management solutions. The market has witnessed significant shifts, particularly after Broadcom’s operational changes within VMware, prompting several tech giants to position themselves as feasible