^^^^
Hackers are setting up fake websites for popular free and open-source software to promote malicious downloads through advertisements in Google search results.
Notepad++, 7-ZIP and WinRAR, and the widely used media player VLC as well as CCleaner utility to name a few
Germán Fernández of cybersecurity company CronUp provides a list of 70 domains that are distributing malware through Google Ads search results by impersonating legitimate software
https://raw.githubusercontent.com/CronUp/Malware-IOCs/main/2023-01-17_Arechclient2_GoogleAds
tweets:
amount of people falling for these ads
https://twitter.com/malwrhunterteam/status/1615129063257001984
https://mobile.twitter.com/mdmck10/status/1615010474088611842
brave browser
https://twitter.com/crep1x/status/1615840062729605122
Google has to make money
@ecksmc Google doing anything about this?
I'd hope so BUT there response is playbook
"We have robust policies prohibiting ads that attempt to circumvent our enforcement by disguising the advertiser’s identity and impersonating other brands, and we enforce them vigorously. We reviewed the ads in question and have removed them" - Google
Hackers push malware via Google search ads for VLC, 7-Zip, CCleaner
#CoSoSec
https://www.bleepingcomputer.com/news/security/hackers-push-malware-via-google-search-ads-for-vlc-7-zip-ccleaner/