Cybercriminals are using Google Ads to trick you into downloading malware disguised as the Google Authenticator app. Malwarebytes recently discovered this sneaky malvertising campaign that exploits the trust you have in Google’s advertising platform.
These fake ads lead to convincing Google Authenticator lookalike sites, like chromeweb-authenticators[.]com and authenticcator-descktop[.]com, as reported by cybernews. But instead of the real deal, you’ll end up with the nasty DeerStealer malware that steals your credentials, cookies, and other sensitive info stored in your browser.
To avoid falling for these scams, steer clear of clicking on promoted results on Google Search. Use an ad blocker for extra protection. And always bookmark the official URLs of the software you regularly use. Before hitting that download button, double-check that the URL matches the project’s legitimate domain. And don’t forget to scan any downloaded files with an up-to-date antivirus tool before running them.
Google’s working hard to catch these bad ads, but the criminals keep finding new ways to sneak past their defenses. In 2023 alone, Google removed a whopping 3.4 billion ads, restricted over 5.7 billion, and kicked out more than 5.6 million shady advertiser accounts. But clearly, there’s still work to be done.
The company has blocked the fake advertiser Malwarebytes reported and is beefing up its automated systems and human review teams to help spot and squash these malicious campaigns more quickly. But it’s an ongoing battle, so stay alert and take steps to protect yourself online.
Don’t let these phony ads fool you – be cautious, verify before you trust, and keep your guard up in the ever-evolving world of cybersecurity threats.
Scope of the Problem
Google is working hard to keep you safe from malicious ads. In 2023, they removed a whopping 3.4 billion bad ads, restricted over 5.7 billion more, and kicked out 5.6 million shady advertiser accounts. But some sneaky actors still manage to slip through the cracks.
These scammers are constantly coming up with new tricks to fool Google’s security systems. They’ll create thousands of accounts at once, use fancy text manipulation, and even show different websites to Google’s reviewers than what you’d see. It’s an ongoing battle to stay one step ahead.
Despite Google’s best efforts, fake ads can still pop up when you least expect them. That’s why it’s so important to stay vigilant and know what to look out for. Don’t let these tricksters catch you off guard – keep your guard up and your eyes peeled for anything suspicious.
Impact of DeerStealer Malware
The DeerStealer malware, spread through these fake Google Authenticator ads, poses a serious threat to users’ security and privacy. Once installed on a victim’s device, the malware silently steals a wide range of sensitive information, including login credentials, cookies, and other data stored in web browsers.
This stolen data can be used by attackers to gain unauthorized access to users’ online accounts, such as email, social media, and financial services. With access to these accounts, criminals can engage in identity theft, financial fraud, and other malicious activities.
Moreover, the stolen cookies allow attackers to bypass login requirements and access accounts without needing the actual login credentials. This makes it even easier for them to take over and abuse compromised accounts.
The consequences of falling victim to DeerStealer can be severe. Users may face financial losses, reputational damage, and the exposure of sensitive personal information. In some cases, the impact can extend beyond the individual, affecting businesses and organizations if corporate accounts are compromised.
To protect yourself from DeerStealer and similar threats, it’s crucial to be cautious when clicking on ads, even on trusted platforms like Google. Always verify the URL before downloading any files, and scan downloaded files with an up-to-date antivirus tool before running them. Staying vigilant and following best practices for online security can help minimize the risk of falling victim to these malicious campaigns.
Recommendations For protection
You can protect yourself from these malicious ads. Here’s what you should do:
- Don’t click on promoted results on Google Search. They might be fake.
- Use an ad blocker. It can help filter out malicious ads.
- As bleepingcomputer suggests, bookmark the URLs of software projects you use often. This way, you know you’re going to the right site.
- Before you download a file, double-check the URL. Make sure it matches the project’s official domain.
- Always scan downloaded files with an up-to-date antivirus tool before opening them. This can catch any malware.
Official Response
In response to this incident, Google is ramping up its efforts to detect and remove malicious campaigns. The tech giant is increasing the scale of its automated systems and human reviewers to better identify and eliminate threats.
“We take the security of our users very seriously and are constantly working to improve our systems,” a Google spokesperson stated. “We appreciate the efforts of security researchers in bringing these issues to our attention and will continue to collaborate with them to keep our platform safe.”
Image credit: Wikimedia Commons
