In a concerning development, cybercriminals are increasingly utilizing malicious advertising, or malvertising, to target unsuspecting users with malware. Despite prior warnings, users continue to fall victim to these attacks, emphasizing the need for enhanced caution when interacting with online ads.
Malvertising has gained popularity among hackers, surpassing the efficacy of traditional phishing attacks and malicious apps. Instead of relying on conventional methods, hackers are now purchasing ad space on prominent search engines, particularly Google, to deceive users into unwittingly installing malware.
One deceptive technique employed by hackers involves impersonating well-known brands. Reports indicate instances of hackers mimicking reputable names such as Amazon, USPS, CCleaner, Notepad++, Facebook, and Microsoft. Notably, Facebook and Microsoft have consistently been the most impersonated brands since 2020.
The latest tactic involves hackers posing as a widely used PC tool known as CPU-Z. This tool is commonly employed by PC enthusiasts and gamers to gather information about their processors, motherboards, RAM, and graphics cards. As reported by cybersecurity firm Malwarebytes, hackers are exploiting Google ads to target users searching for CPU-Z online.
Upon clicking on a malicious ad, users are directed to a fake download portal that appears legitimate at first glance. Instead of downloading CPU-Z, the site contains a digitally signed MSIX installer housing a malicious PowerShell script for a loader called FakeBat.
Malware loaders, such as FakeBat, are designed to infect computers with malicious software. Once installed, the loader downloads and installs the Redline stealer, capable of harvesting personal data, including browser history, passwords, credit card information, VPN credentials, system details, and cryptocurrency wallets.
What makes this campaign particularly sophisticated is its selective targeting. Not all users who click on these malicious ads are directed to the fake download portal. Some are redirected to what seems like a standard blog with various articles, indicating a dynamic and adaptive approach by the hackers.
For the average consumer, this presents a significant concern. As online ads are omnipresent, users must exercise caution to avoid falling victim to malvertising. Changing browsing habits, such as avoiding clicking on ads altogether and directly visiting a company’s website, can mitigate the risks. Additionally, using ad blockers and deploying reliable antivirus software are recommended measures to enhance online security.
The evolving tactics employed by hackers highlight the need for ongoing awareness and proactive cybersecurity measures. As malvertising gains traction due to its effectiveness, users must remain vigilant to protect their personal information and devices from the ever-evolving landscape of cyber threats.
Article by Christine “BB” Boring
“Geek girl with a passion for cybersecurity, and a fancy Google certification to prove it!”
Unlike traditional news media outlets, Cyber News Gator believes in readers compensating article authors directly! You can support BB’s continuing work here at Cyber News Gator by contributing to her Patreon.
All articles written by independent contributors to Cyber News Gator remain the property of the original author, and published with permission. Cyber News Gator is not responsible for the contents of independent contributors’ articles.
Cyber News Gator 
Leave a comment