[TAG0]
Ads are the top results for a Google search. However, they may also be exactly what you're looking for. It can be tempting to click the link if you are too lazy to scroll down. This behavior is now considered dangerous. A new report claims that hackers have started to place ads for fake websites within Google's sponsored search results. It's possible to think that you are clicking an innocent link to install VLC, but your life will be turned upside-down. Google promises to protect users against this kind of situation.
The news of the new trick to trick people into installing malware is coming from an unfortunate source: a victim who goes under the Twitter handle NFT_God. The person appears to be an influential type in programming and investing, with 16,000 Substack users. BleepingComputer reported that they shared a lengthy and grueling story on Twitter about what happened when they clicked the link to OBS from a sponsored search result. OBS, which is open-source and free, is a popular livestreaming software. Clicking a link in the sponsored results took them to an OBS-related website.
Although the ad doesn't show up anymore on our end, it shouldn't have been there in the first place. (Image by Will Dormann
The fake OBS was downloaded and double-clicked to install it. The OBS was not installed. It seemed like nothing ever happened. The streamer was confused but not bothered and went on with their day, thinking that it was an unusual event. A friend sent them a text letting them know that their Twitter had been hacked. They deleted the tweets of the hacker and received another startling message several hours later. The second one inquired if the hacker had sold their digital NFT pet. They logged into OpenSea to find out that a new wallet had purchased their digital JPEG.
It was then that the NFT_God wrote it. They had everything in their account, including digital coins and NFTs. They claimed that they had lost a significant amount of their net worth. Last but not least, the hackers took control of Substack and sent fake links to all subscribers. They were able fix the situation. The hackers also reset Windows and wiped their computers. They say that it was a lesson learned and are ready to move forward.
It remains to be determined how these links ended up in Google search results. Will Dormann, a threat analyst, has been investigating the matter and the results are not encouraging. He posted links to fake links that still show up in search results.
According to Unit42 on Twitter, how does the infection occur.
Dormann was still capable of finding malware-laden search results from a large range of freeware utilities. These include VLC and Libre Office as well as 7-Zip and other freeware utilities. It appears that Google is working on this issue, according to Twitter. It needs to examine the tools it uses for verifying the authenticity of the links it displays in its results. Many of these links are clearly faked just by the URL. A fake KMPlayer site has the URL "videoplaer.com".
Read
- Google will introduce End-to End Gmail Web Encryption
- Hacker infiltrates FBI Portal and lists details of 87,000 users for sale
- Microsoft will discontinue support for Apple Watch Authenticator App
————————————————————————————————————————————————————————————
By: Josh Norem
Title: Hackers Buy Google Ads to Push Malware Through Searches for Popular Apps
Sourced From: www.extremetech.com/computing/342464-hackers-buy-google-ads-to-push-malware-through-searches-for-popular-apps
Published Date: Fri, 20 Jan 2023 20:19:52 +0000
Leave a Reply