Threat actor impersonates Google via fake ad for Authenticator


Malwarebytes Labs researchers have previously reported on the brand impersonation issue with Google ads: users who search for popular keywords are shown malicious ads that purport to be from an official vendor.

Not only does this trick innocent victims into downloading malware or losing their data to phishing sites, it also erodes trust in brands and by association in Google Search itself. Today, Malwarebytes Labs show yet another example of brand misuse, except that this one targets Google itself. If you were trying to download the popular Google Authenticator (a multi-factor authentication program) via a Google search in the past few days, you may have inadvertently installed malware on your computer.

Read more…
Source: Malwarebytes Labs 


Sign up for our Newsletter


Related:

  • Head Mare: adventures of a unicorn in Russia and Belarus

    September 2, 2024

    Head Mare is a hacktivist group that first made itself known in 2023 on the social network X (formerly Twitter). In their public posts, the attackers reveal information about some of their victims, including organization names, internal documents stolen during attacks, and screenshots of desktops and administrative consoles. By analyzing incidents in Russian companies, Kaspersky researchers ...

  • Northern Ireland: Police Ombudsman sorry for ‘distressing’ data leak as investigation is launched

    September 1, 2024

    An investigation has been launched after a data breach led to the details of current and former Police Ombudsman staff members being accidently released. The Police Ombudsman (PONI) has apologised for the data leak incident involving 160 current and former staff. A document containing some of their personal details was “inadvertently released” to 22 people who ...

  • Misconfigurations in Microsoft Exchange open new doors to email spoofing attacks

    September 1, 2024

    A new report from the Acronis Threat Research Unit has uncovered a vulnerability in Microsoft Exchange Online settings that could enable email spoofing attacks. This issue primarily affects users with a hybrid configuration of on-premises Exchange and Exchange Online, and those utilizing third-party email security solutions. In July 2023, Microsoft introduced a major change in how ...

  • A million airport parking customers affected in huge data breach

    August 31, 2024

    A million Park’N Fly customers have had their sensitive data stolen after the company suffered a cyberattack. The news was confirmed in a data breach notification letter sent out by the company, which noted the threat actors accessed the company’s IT infrastructure in July 2024 using stolen VPN credentials. The crooks stole people’s full names, email ...

  • Cyber security in critical industries: challenges, solutions, and the road ahead

    August 30, 2024

    In an era of rapid digital transformation, cyber security has emerged as a paramount concern, particularly for critical industries such as energy, healthcare, and transportation. As we approach the IET’s Cyber Security for Critical Industries 2024 conference, it is essential to delve into the latest cyber security challenges and explore how building resilient and responsive ...

  • North Korean threat actor Citrine Sleet exploiting Chromium zero-day

    August 30, 2024

    On August 19, 2024, Microsoft identified a North Korean threat actor exploiting a zero-day vulnerability in Chromium, now identified as CVE-2024-7971, to gain remote code execution (RCE). Microsoft researchers assess with high confidence that the observed exploitation of CVE-2024-7971 can be attributed to a North Korean threat actor targeting the cryptocurrency sector for financial gain. Microsoft ...