Until further notice, think twice before using Google to download software

by Dan Goodin, from Ars Technica - All content
Searching Google for downloads of popular software has always come with risks, but over the past few months, it has been downright dangerous, according to researchers and a pseudorandom collection of queries.

"Threat researchers are used to seeing a moderate flow of malvertising via Google Ads," volunteers at Spamhaus wrote on Thursday. "However, over the past few days, researchers have witnessed a massive spike affecting numerous famous brands, with multiple malware being utilized. This is not 'the norm.'"

One of many new threats: MalVirt

The surge is coming from numerous malware families, including AuroraStealer, IcedID, Meta Stealer, RedLine Stealer, Vidar, Formbook, and XLoader. In the past, these families typically relied on phishing and malicious spam that attached Microsoft Word documents with booby-trapped macros. Over the past month, Google Ads has become the go-to place for criminals to spread their malicious wares that are disguised as legitimate downloads by impersonating brands such as Adobe Reader, Gimp, Microsoft Teams, OBS, Slack, Tor, and Thunderbird.
