Hackers take advantage of Google Ads to spread malicious code

Hackers take advantage of Google Ads to spread malicious code 1

(Thethaovanhoa.vn) – There is a dangerous trend being deployed by the global hacker community, which is abusing the Google Ads platform to spread malicious code.

There is a dangerous trend being deployed by the global hacker community, which is abusing the Google Ads platform to spread malicious code to unsuspecting users who lack security knowledge and are looking for software products.

It is not difficult to name a number of popular software products in many different fields that are being used by hackers to spread malicious code through Google Ads.

The Google Ads platform helps advertisers promote their websites on Google Search, placing them high in the results list as ads, usually on the official product/project website.

This means that if you search for legitimate software on a browser without an ad blocker, you will see ads related to the software first, and are quite likely to click on that advertised link.

If Google detects that a malicious landing page is being advertised, it will certainly be blocked and the ad removed immediately.

The trick is to trick victims into clicking on an ad to an unrelated but “benign” website created by the threat actor, then redirecting them to a malicious website impersonating the software project and from

Hackers take advantage of Google Ads to spread malicious code

The malicious payload, in ZIP or MSI form, is downloaded from reputable file sharing and code hosting services such as GitHub, Dropbox, or Discord’s CDN.

With malware being packaged with legitimate software.

A simple but effective way to block these types of malicious campaigns is to enable an ad blocker on your web browser.

Another precaution is to scroll down until you see the official domain name of the software project you’re looking for.

If you frequently visit the website of a particular software project to find the source of updates, it is better to bookmark the URL and use it to access it directly when needed.

A common sign that the installer you are about to download may contain malicious code is unusual file size.

Leave a Reply

Your email address will not be published. Required fields are marked *